HTTP Headers Analysis for https://copilotstudio.preview.microsoft.com

Detected Technologies from Headers

See all in URL Inspect 8

Microsoft Entra ID

Akamai Active incidents

AzureFrontDoor

Azure Monitor

jsDelivr

Microsoft 365

Microsoft SharePoint

Microsoft Azure

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=31536000; includeSubDomains

Content-Security-Policy

Weak

report-uri Analyze

Content-Security-Policy-Report-Only

Basic

script-src; frame-src; base-uri; +7 more Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Present

origin

Permissions-Policy

Missing

Not configured

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Significantly strengthen CSP directives
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Consider adding Permissions-Policy to control browser features

Performance Headers

Accept-Ranges

Performance

bytes

Connection

Performance

close

accept-ranges: bytes
connection: close

Caching Headers

Cache-Control

Caching

no-store, must-revalidate, no-cache

Expires

Caching

0

Pragma

Caching

no-cache

cache-control: no-store, must-revalidate, no-cache
expires: 0
pragma: no-cache

Content Headers

Content-Length

Content

8459

Content-Type

Content

text/html

content-length: 8459
content-type: text/html

Server Headers

No server headers found

CORS Headers

No CORS headers found

Cookies Headers

No cookies headers found

Other Headers

Date

Other

Tue, 07 Apr 2026 07:08:14 GMT

Link

Other

URL https://preview.content.powerapps.com

rel=preconnect

Server-Timing

Other

x-ms-igw-upstream-headers;dur=1.5,x-ms-igw-req-overhead;dur=0.2

X-Azure-Ref

Other

20260407T070814Z-166455875d7nhhwdhC1CHIsy8s00000008a00000000008yt

X-Cache

Other

CONFIG_NOCACHE

X-Ms-Activity-Vector

Other

00.00.00

X-Ms-Correlation-Id

Other

bc15803b-480a-4a6a-8c99-02da0f265a94

X-Ms-Igw-Tracking-Id

Other

5dba8eb3-7387-44e4-9d74-5c3f5570b47f20260407070814_prdcm301eusgb0_8

X-Ms-Islandgateway

Other

_prdcm301eusgb0_8

X-Ms-Service-Request-Id

Other

5dba8eb3-7387-44e4-9d74-5c3f5570b47f

X-Servicefabric

Other

NoRetry

date: Tue, 07 Apr 2026 07:08:14 GMT
link: <https://preview.content.powerapps.com>; rel="preconnect"
server-timing: x-ms-igw-upstream-headers;dur=1.5,x-ms-igw-req-overhead;dur=0.2
x-azure-ref: 20260407T070814Z-166455875d7nhhwdhC1CHIsy8s00000008a00000000008yt
x-cache: CONFIG_NOCACHE
x-ms-activity-vector: 00.00.00
x-ms-correlation-id: bc15803b-480a-4a6a-8c99-02da0f265a94
x-ms-igw-tracking-id: 5dba8eb3-7387-44e4-9d74-5c3f5570b47f20260407070814_prdcm301eusgb0_8
x-ms-islandgateway: _prdcm301eusgb0_8
x-ms-service-request-id: 5dba8eb3-7387-44e4-9d74-5c3f5570b47f
x-servicefabric: NoRetry

Recommendations

Enable compression (gzip/brotli) to improve performance