HTTP Headers Analysis for https://e.userflow.com

Detected Technologies from Headers

See all in URL Inspect 1

Cowboy

HTTP Security Headers

Status

Strict-Transport-Security

Excellent

max-age=31536000; preload; includeSubDomains

Content-Security-Policy

Basic

object-src; base-uri; report-uri; +1 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

strict-origin-when-cross-origin

Permissions-Policy

Present

microphone=(self), camera=(), geolocation=()

Recommendations

• Improve CSP by adding more specific directives and removing 'unsafe-inline'

Performance Headers

Connection

Performance

close

connection: close

Caching Headers

Cache-Control

Caching

max-age=0, private, must-revalidate

Pragma

Caching

no-cache

cache-control: max-age=0, private, must-revalidate
pragma: no-cache

Content Headers

Content-Length

Content

9

Content-Type

Content

text/plain; charset=utf-8

content-length: 9
content-type: text/plain; charset=utf-8

Server Headers

Server

Cowboy

server: Cowboy

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: gemini_visitor_id=SFMyNTY.g2gDbQAAACRlYTU0OWFlMS1mOGZhLTQyY2UtYjdlMi1kZThlYTllYWM3YzJuBgBGOgj-nQFiAAFRgA.r3H9NTKbk9lwyUNsLlrfiXibAr56MA_szYLf4vZn0X0; path=/; domain=.userflow.com; expires=Thu, 06 May 2027 16:04:05 GMT; max-age=31536000; secure; HttpOnly
userflow_visitor=SFMyNTY.g2gDdAAAAAJ3EGxhbmRpbmdfcGFnZV91cmxtAAAAF2h0dHBzOi8vZS51c2VyZmxvdy5jb20vdwtyZWZlcmVyX3VybHcDbmlsbgYARjoI_p0BYgABUYA.MHKNBBu99wGDQrfMkNkNAYl6nkRdch9GKJs68JHoTAs; path=/; domain=.userflow.com; expires=Thu, 06 May 2027 16:04:05 GMT; max-age=31536000; secure; HttpOnly
userflowjs_visitor_id=visitor-11931ea0-f24d-48fa-b0f3-ecf6fdb62fbd; path=/; domain=.userflow.com; expires=Thu, 06 May 2027 16:04:05 GMT; max-age=31536000; secure; HttpOnly

Other Headers

Alt-Svc

Other

h3=":443"; ma=2592000

Date

Other

Wed, 06 May 2026 16:04:05 GMT

Via

Other

1.1 google

X-Download-Options

Other

noopen

X-Permitted-Cross-Domain-Policies

Other

none

X-Request-Id

Other

GK0FeQswq90afesAgxiE

X-Userflow-Server-Build

Other

1021851

alt-svc: h3=":443"; ma=2592000
date: Wed, 06 May 2026 16:04:05 GMT
via: 1.1 google
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: GK0FeQswq90afesAgxiE
x-userflow-server-build: 1021851

Recommendations

Enable compression (gzip/brotli) to improve performance