HTTP Headers Analysis for https://app.alle.com

Detected Technologies from Headers

See all in URL Inspect 2

Amazon CloudFront

Amazon S3

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=63072000; includeSubdomains; preload

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Present

same-origin

Permissions-Policy

Present

accelerometer=(), autoplay=(), camera=(); +10 more

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks

Performance Headers

Accept-Ranges

Performance

bytes

Connection

Performance

close

Vary

Performance

Accept-Encoding

accept-ranges: bytes
connection: close
vary: Accept-Encoding

Caching Headers

Age

Caching

17403

Etag

Caching

"e9c99a697d5254c89d7c605a1092faa1"

Last-Modified

Caching

Mon, 09 Feb 2026 21:47:34 GMT

age: 17403
etag: "e9c99a697d5254c89d7c605a1092faa1"
last-modified: Mon, 09 Feb 2026 21:47:34 GMT

Content Headers

Content-Length

Content

10787

Content-Type

Content

text/html

content-length: 10787
content-type: text/html

Server Headers

Server

AmazonS3

server: AmazonS3

CORS Headers

No CORS headers found

Cookies Headers

No cookies headers found

Other Headers

Date

Other

Tue, 17 Feb 2026 05:52:38 GMT

Via

Other

1.1 0145ea6cf3813022e500cf46dfa7f256.cloudfront.net (CloudFront)

X-Amz-Cf-Id

Other

cEuKh1_XxYCLaU72th7xK9vKQsOxQIitG2HXjoJOIeA1nuSAv7Y4Tw==

X-Amz-Cf-Pop

Other

IAD55-P10

X-Amz-Server-Side-Encryption

Other

AES256

X-Amz-Version-Id

Other

0CKCbkB4riRyTOsZRLlKIgcL4Vurp43C

X-Cache

Other

Hit from cloudfront

X-Lae-Region

Other

us-east-1

date: Tue, 17 Feb 2026 05:52:38 GMT
via: 1.1 0145ea6cf3813022e500cf46dfa7f256.cloudfront.net (CloudFront)
x-amz-cf-id: cEuKh1_XxYCLaU72th7xK9vKQsOxQIitG2HXjoJOIeA1nuSAv7Y4Tw==
x-amz-cf-pop: IAD55-P10
x-amz-server-side-encryption: AES256
x-amz-version-id: 0CKCbkB4riRyTOsZRLlKIgcL4Vurp43C
x-cache: Hit from cloudfront
x-lae-region: us-east-1

Recommendations

Enable compression (gzip/brotli) to improve performance

Add Cache-Control header to optimize caching