HTTP Headers Analysis for https://cloudapi.mailercloud.com

Detected Technologies from Headers

See all in URL Inspect 8

Cloudflare NEL Monitoring

AMP

Cloudflare Active incidents

Cloudflare CDN

Cloudflare Turnstile

Cloudflare Web Analytics

Google Fonts

Google Hosted Libraries

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=15552000; includeSubDomains; preload

Content-Security-Policy

Good

default-src; img-src; style-src; +7 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Present

same-origin

Permissions-Policy

Present

geolocation=(), microphone=(), camera=()

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Strengthen CSP by removing 'unsafe-eval'

Performance Headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

Vary

Performance

Accept-Encoding

connection: close
transfer-encoding: chunked
vary: Accept-Encoding

Caching Headers

Cache-Control

Caching

no-store, no-cache, must-revalidate, max-age=0

Expires

Caching

0

Pragma

Caching

no-cache

cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: 0
pragma: no-cache

Content Headers

Content-Type

Content

application/json; charset=utf-8

content-type: application/json; charset=utf-8

Server Headers

Server

cloudflare

server: cloudflare

CORS Headers

Access-Control-Allow-Credentials

Cors

true

Access-Control-Allow-Headers

Cors

Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-Device-Fingerprint

Access-Control-Allow-Methods

Cors

DELETE,POST,HEAD,PATCH,OPTIONS,GET,PUT

Access-Control-Allow-Origin

Cors

*

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-Device-Fingerprint
access-control-allow-methods: DELETE,POST,HEAD,PATCH,OPTIONS,GET,PUT
access-control-allow-origin: *

Cookies Headers

No cookies headers found

Other Headers

Alt-Svc

Other

h3=":443"; ma=86400

Cf-Apo-Via

Other

origin,host

Cf-Cache-Status

Other

DYNAMIC

Cf-Ray

Other

9f9cdfb69f2c9c79-IAD

Date

Other

Sun, 10 May 2026 23:55:17 GMT

Nel

Other

Report-To Group cf-nel max-age: 1w

success: 0.0%

Report-To

Other

Group cf-nel max-age: 1w

Endpoint 1 https://a.nel.cloudflare.com/report/v4?s=9jGEEMEewRDCRni9uW5H%2FHXkeh6YTuqOTTJH%2FATqCYVSNrka7paTjidmxu0yLPbDhHXyMWQdDiruJ07OO%2BEsprGaMk1i%2BS7YSA0zcsA94Rxu9GjIKvL9ZN5vJ%2Fa7FJ5F5o3s0m%2BozJe8eQ%3D%3D

Server-Timing

Other

cfCacheStatus;desc="DYNAMIC", cfEdge;dur=287,cfOrigin;dur=0

Speculation-Rules

Other

"/cdn-cgi/speculation"

alt-svc: h3=":443"; ma=86400
cf-apo-via: origin,host
cf-cache-status: DYNAMIC
cf-ray: 9f9cdfb69f2c9c79-IAD
date: Sun, 10 May 2026 23:55:17 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=9jGEEMEewRDCRni9uW5H%2FHXkeh6YTuqOTTJH%2FATqCYVSNrka7paTjidmxu0yLPbDhHXyMWQdDiruJ07OO%2BEsprGaMk1i%2BS7YSA0zcsA94Rxu9GjIKvL9ZN5vJ%2Fa7FJ5F5o3s0m%2BozJe8eQ%3D%3D"}]}
server-timing: cfCacheStatus;desc="DYNAMIC", cfEdge;dur=287,cfOrigin;dur=0
speculation-rules: "/cdn-cgi/speculation"

Recommendations

Enable compression (gzip/brotli) to improve performance