SSL Verification Bypassed
The server's SSL certificate could not be verified. The analysis was completed using insecure mode. Data may be less reliable.
Reason:
Hostname Mismatch - certificate is issued for cluster76.canvas-user-content.com, *.instructure.com, instructure.com, canvaslms.com, *.canvaslms.com, *.cluster76.canvas-user-content.com, not for ec2-52-62-72-100.ap-southeast-2.compute.amazonaws.com
Open
Cached
·
just now
20
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=63072000
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer-when-downgrade
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Consider adding Permissions-Policy to control browser features
Performance Headers
1 headers
Vary
Performance
Accept-Encoding
Caching Headers
1 headers
Cache-Control
Caching
no-cache
Content Headers
1 headers
Content-Type
Content
text/html; charset=utf-8
Server Headers
2 headers
Server
Server
Apache
X-Runtime
Server
0.021567
CORS Headers
0 headers
No CORS headers found
Cookies Headers
0 headers
No cookies headers found
Other Headers
11 headers
Date
Other
Mon, 08 Dec 2025 11:56:52 GMT
P3p
Other
CP="None, see http://www.instructure.com/privacy-policy"
Status
Other
404 Not Found
X-A11y-Ally
Other
Dana Danger Grey
X-Canvas-Meta
Other
q=3356;b=2303120;m=2303248;u=0.01;y=0.00;d=0.00;
X-Download-Options
Other
noopen
X-Permitted-Cross-Domain-Policies
Other
none
X-Rate-Limit-Remaining
Other
700.0
X-Request-Context-Id
Other
f65c754b-922b-417b-9db9-b090462ccbac
X-Request-Cost
Other
0.014096787999562821
X-Request-Processor
Other
0b89686e0882df78c
Recommendations
Enable compression (gzip/brotli) to improve performance
Analysis completed in 1485ms