HTTP Headers Analysis for https://autodiscover.rnbdeveloper.com

SSL Verification Bypassed

The server's SSL certificate could not be verified. The analysis was completed using insecure mode. Data may be less reliable.

Reason:

Hostname Mismatch - certificate is issued for privateemail.com, www.privateemail.com, not for autodiscover.rnbdeveloper.com

Open Cached · just now

20 Headers

Detected Technologies from Headers

See all in URL Inspect 17

AWS Active incidents

Cloudflare CDN

Cloudflare Turnstile

Crazy Egg

Google Analytics

Google DoubleClick

Google Fonts

Google Search

Google Static File Front End

Google Tag Manager

New Relic

Nginx

OneTrust

PrivateEmail

Stripe

Typeform

Google Cloud

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=31536000; includeSubDomains, max-age=15552000

Content-Security-Policy

Basic

default-src; connect-src; script-src; +6 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

strict-origin-when-cross-origin

Permissions-Policy

Present

geolocation=(self "https://privateemail.com"), microphone=()

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Improve CSP by adding more specific directives and removing 'unsafe-inline'

Performance Headers

Connection

Performance

Transfer-Encoding

Performance

chunked

connection: close
transfer-encoding: chunked

Caching Headers

Cache-Control

Caching

no-cache, no-store, must-revalidate, no-store

Pragma

Caching

no-cache

cache-control: no-cache, no-store, must-revalidate, no-store
pragma: no-cache

Content Headers

Content-Type

Content

text/html

content-type: text/html

Server Headers

Server

nginx

server: nginx

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

set-cookie: z-web-sessionid=376029f5-d6f1-b5d6-9c8b-8fe19f401e0e; expires=Thu, 25 Jun 2026 13:34:15 GMT; max-age=2592000; domain=.privateemail.com; path=/; secure; samesite=lax; httponly
z-web-sessionid-sig=EA7109A7F261A653FD5BE833B523DA7355C67EFA.G5+Rj5bnd//Moyk4tOijzXcbbHOEBsm93/Y//71SQjX2PHoZCc+NpMYjBQUpxAB2GSeS3VNg7DO2r+W89yV4iXmUNk6DDLPthDHV9xxiyJpjw2cpFLnfwpo7S7rGKbBUmK6Wg0GOlTxS2a0X+ZT0H2IFLVQeQPiju8IwD6xOAjEqgd0+e0u1CX7NMkLzQO1pLmDzTeAmt6Eq8pQTGHjGwoJPtrGAMahMYjkq9mwITKNMWXDzcL7aUm9qWO/t3xjdhzsYgFqn6Wb27ay6ysSe+Wfhg9eFxaMA5o3H3AanBcn7dFSr1LDf1D2nVigWM2ZhIfA2VA2CT/yu9ZJhmZeMWg==; expires=Thu, 25 Jun 2026 13:34:15 GMT; max-age=2592000; domain=.privateemail.com; path=/; secure; samesite=lax; httponly
ilc-i18n=en-US%3AUSD; Path=/; Expires=Wed, 26 May 2027 13:34:15 GMT
__cf_bm=ieruX.tYgVCgliX_0mt_tSHRB6163qO8gdVS7mUqK5U-1779802455.1231244-1.0.1.1-O5yooJazsvcePkj1hnbkqs8NMEET4GzMY1SUPHGlFCGxqPZBhiZ8LNLDITTHTpjCu_FbT4SQlRWrPmMHFLGSHyjD0tFFtuCEEg0D235cvChjrDIxCSmjK88kIa4vYrjc; HttpOnly; SameSite=None; Secure; Path=/; Domain=spaceship.com; Expires=Tue, 26 May 2026 14:04:15 GMT

Other Headers

Cf-Cache-Status

Other

DYNAMIC

Cf-Ray

Other

a01d28008e449179-DFW

Date

Other

Tue, 26 May 2026 13:34:15 GMT

Link

Other

URL https://spaceship-cdn.com/webmaillandingpages-privateemail-ui/app.8e0be3ed4e1479d96822.css

rel=preload as=style nopush

URL https://spaceship-cdn.com/sharedstaticresources-ui/main.54610623bc58522a15c4.css

rel=preload as=style nopush

URL https://spaceship-cdn.com/webmaillandingpages-privateemail-ui/app.612f857305ff4d522bb9.js

rel=preload as=script nopush crossorigin

X-Content-Security-Policy

Other

frame-ancestors 'self'

X-Webkit-Csp

Other

frame-ancestors 'self'

cf-cache-status: DYNAMIC
cf-ray: a01d28008e449179-DFW
date: Tue, 26 May 2026 13:34:15 GMT
link: <https://spaceship-cdn.com/webmaillandingpages-privateemail-ui/app.8e0be3ed4e1479d96822.css>; rel="preload"; as="style"; nopush;,<https://spaceship-cdn.com/sharedstaticresources-ui/main.54610623bc58522a15c4.css>; rel="preload"; as="style"; nopush;,<https://spaceship-cdn.com/webmaillandingpages-privateemail-ui/app.612f857305ff4d522bb9.js>; rel="preload"; as="script"; nopush; crossorigin
x-content-security-policy: frame-ancestors 'self'
x-webkit-csp: frame-ancestors 'self'

Recommendations

Enable compression (gzip/brotli) to improve performance