HTTP Headers Analysis for https://api.cloudpassage.com

Detected Technologies from Headers

See all in URL Inspect 7

Adobe Marketo

Google Fonts

Google reCAPTCHA

Google Search

Google Static File Front End

Google Cloud

Google Cloud Storage

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=63113904; includeSubDomains

Content-Security-Policy

Basic

default-src; font-src; frame-ancestors; +4 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

sameorigin

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

Vary

Performance

Accept-Encoding, Origin

connection: close
transfer-encoding: chunked
vary: Accept-Encoding, Origin

Caching Headers

Cache-Control

Caching

no-store

Expires

Caching

Thu, 01 Jan 1970 00:00:00 GMT

Pragma

Caching

no-cache

cache-control: no-store
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache

Content Headers

Content-Type

Content

text/html; charset=utf-8

content-type: text/html; charset=utf-8

Server Headers

No server headers found

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: _session=7981a1ac2fd61ceef1fb67112607dd57; path=/; secure; httponly; SameSite=Lax

Other Headers

Link

Other

URL https://cdn-mtg.ng.cloudpassage.com/assets/modern-91a2ee9483e52b31fbfa064abbf380ff39d5302064bec568c5adae52da16a80e.css

rel=preload as=style nopush

URL https://cdn-mtg.ng.cloudpassage.com/assets/login-3076bb0bcbf0e3399d51b626b07c0c844d063b10af1c99fb0000ba2b68183f26.css

rel=preload as=style nopush

URL https://cdn-mtg.ng.cloudpassage.com/assets/halo2_nui_layout-45b7868f08be24672a0a85bb6aadc123936d084f6da95e9762ba7ac12b6094f3.css

rel=preload as=style nopush

URL https://cdn-mtg.ng.cloudpassage.com/assets/application-491747c26e47f8a6ddaef812dbebb3efd4f7a8af277e35e26938912ff267d40f.css

rel=preload as=style nopush

X-Download-Options

Other

noopen

X-Permitted-Cross-Domain-Policies

Other

none

X-Request-Id

Other

942c1db7-a02a-42ba-b679-3be27d4990f6

link: <https://cdn-mtg.ng.cloudpassage.com/assets/modern-91a2ee9483e52b31fbfa064abbf380ff39d5302064bec568c5adae52da16a80e.css>; rel=preload; as=style; nopush,<https://cdn-mtg.ng.cloudpassage.com/assets/login-3076bb0bcbf0e3399d51b626b07c0c844d063b10af1c99fb0000ba2b68183f26.css>; rel=preload; as=style; nopush,<https://cdn-mtg.ng.cloudpassage.com/assets/halo2_nui_layout-45b7868f08be24672a0a85bb6aadc123936d084f6da95e9762ba7ac12b6094f3.css>; rel=preload; as=style; nopush,<https://cdn-mtg.ng.cloudpassage.com/assets/application-491747c26e47f8a6ddaef812dbebb3efd4f7a8af277e35e26938912ff267d40f.css>; rel=preload; as=style; nopush,<https://cdn-mtg.ng.cloudpassage.com/assets/application-print-17abff94c1fe7cd889376c11be672ab09d551565a62207f38137b3835e4bc416.css>; rel=preload; as=style; nopush,<https://cdn-mtg.ng.cloudpassage.com/assets/application-c867de7b2ce8b8b91457a699978a032c2b45fcf976154147560a1599b35f8cea.js>; rel=preload; as=script; nopush
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 942c1db7-a02a-42ba-b679-3be27d4990f6

Recommendations

Enable compression (gzip/brotli) to improve performance