HTTP Headers Analysis for https://api.powerapps.com.rproxy.goskope.com

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=31536000; includeSubDomains

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

strict-origin

Permissions-Policy

Missing

Not configured

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

Vary

Performance

Authorization, Accept-Language, Accept-Encoding

connection: close
transfer-encoding: chunked
vary: Authorization, Accept-Language, Accept-Encoding

Caching Headers

Cache-Control

Caching

no-store, no-cache

cache-control: no-store, no-cache

Content Headers

Content-Type

Content

application/json; charset=utf-8

content-type: application/json; charset=utf-8

Server Headers

No server headers found

CORS Headers

No CORS headers found

Cookies Headers

No cookies headers found

Other Headers

Date

Other

Sun, 26 Apr 2026 10:32:35 GMT

Server-Timing

Other

x-ms-igw-upstream-headers;dur=3.2,x-ms-igw-req-overhead;dur=0.1

X-Ms-Activity-Vector

Other

00.00.00

X-Ms-Correlation-Id

Other

d40f08a1-ecae-4c6e-bfee-71f0e7ceeff9

X-Ms-Correlation-Request-Id

Other

d40f08a1-ecae-4c6e-bfee-71f0e7ceeff9

X-Ms-Igw-Tracking-Id

Other

f9f1b26f-3e46-48b5-ae5f-a5f35dc87f1c20260426103235_prdcm001eusgb0_1

X-Ms-Islandgateway

Other

_prdcm001eusgb0_1

X-Ms-Request-Id

Other

unitedstates.eastus:da21a8fe-effc-41f6-ba04-bd4551a0e7fb

X-Ms-Service-Request-Id

Other

f9f1b26f-3e46-48b5-ae5f-a5f35dc87f1c

X-Robots-Tag

Other

noindex, nofollow, nosnippet, noarchive, noimageindex

X-Servicefabric

Other

NoRetry

date: Sun, 26 Apr 2026 10:32:35 GMT
server-timing: x-ms-igw-upstream-headers;dur=3.2,x-ms-igw-req-overhead;dur=0.1
x-ms-activity-vector: 00.00.00
x-ms-correlation-id: d40f08a1-ecae-4c6e-bfee-71f0e7ceeff9
x-ms-correlation-request-id: d40f08a1-ecae-4c6e-bfee-71f0e7ceeff9
x-ms-igw-tracking-id: f9f1b26f-3e46-48b5-ae5f-a5f35dc87f1c20260426103235_prdcm001eusgb0_1
x-ms-islandgateway: _prdcm001eusgb0_1
x-ms-request-id: unitedstates.eastus:da21a8fe-effc-41f6-ba04-bd4551a0e7fb
x-ms-service-request-id: f9f1b26f-3e46-48b5-ae5f-a5f35dc87f1c
x-robots-tag: noindex, nofollow, nosnippet, noarchive, noimageindex
x-servicefabric: NoRetry

Recommendations

Enable compression (gzip/brotli) to improve performance