HTTP Headers Analysis for https://app.trustbound.com

Detected Technologies from Headers

See all in URL Inspect 7

Google Fonts

Google Static File Front End

jsDelivr

Nginx

Vimeo

YouTube

Google Cloud

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31536000

Content-Security-Policy

Good

default-src; style-src; font-src; +6 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

strict-origin-when-cross-origin

Permissions-Policy

Present

accelerometer=(), ambient-light-sensor=(), autoplay=(); +48 more

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Strengthen CSP by removing 'unsafe-eval'

Performance Headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

connection: close
transfer-encoding: chunked

Caching Headers

Cache-Control

Caching

no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache, private

Expires

Caching

Sun, 01 Jan 2014 00:00:00 GMT

Pragma

Caching

no-cache

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache, private
expires: Sun, 01 Jan 2014 00:00:00 GMT
pragma: no-cache

Content Headers

Content-Type

Content

text/html; charset=UTF-8

content-type: text/html; charset=UTF-8

Server Headers

Server

nginx

server: nginx

CORS Headers

Access-Control-Allow-Headers

Cors

none

Access-Control-Allow-Methods

Cors

none

Access-Control-Allow-Origin

Cors

none

access-control-allow-headers: none
access-control-allow-methods: none
access-control-allow-origin: none

Cookies Headers

Set-Cookie

Cookies

set-cookie: trustbound_grc=7f8a7c6bf49f1115d25b3929a649b5ce; path=/; secure; HttpOnly; SameSite=lax

Other Headers

Date

Other

Sun, 10 May 2026 16:58:35 GMT

X-Header-Size

Other

2542

date: Sun, 10 May 2026 16:58:35 GMT
x-header-size: 2542

Recommendations

Enable compression (gzip/brotli) to improve performance