HTTP Headers Analysis for https://forums.myob.com.au

Detected Technologies from Headers

See all in URL Inspect 2

Apache

AWS CloudFront

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=31536000; includeSubDomains

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

strict-origin-when-cross-origin

Permissions-Policy

Missing

Not configured

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Add Content-Security-Policy header to prevent XSS attacks
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

Vary

Performance

Accept-Encoding

connection: close
vary: Accept-Encoding

Caching Headers

Cache-Control

Caching

private, no-cache, no-store, max-age=0, must-revalidate

Etag

Caching

"16lzqps0itx97ye"

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
etag: "16lzqps0itx97ye"

Content Headers

Content-Length

Content

430240

Content-Type

Content

text/html; charset=utf-8

content-length: 430240
content-type: text/html; charset=utf-8

Server Headers

Server

Apache

server: Apache

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: AWSALB=aiSy99upk0Hu2DXmIiqoeQY1SnV5OagpC/bUy0b2e3XkARsLfyuTG228/PucUKLhUfxE3nTvY2zFbi/ZBi+bpD94mgr1PE1glvj3YJjD4ibjWmRxd2hQfn5fqb3V; Expires=Mon, 20 Apr 2026 00:37:51 GMT; Path=/
AWSALBCORS=aiSy99upk0Hu2DXmIiqoeQY1SnV5OagpC/bUy0b2e3XkARsLfyuTG228/PucUKLhUfxE3nTvY2zFbi/ZBi+bpD94mgr1PE1glvj3YJjD4ibjWmRxd2hQfn5fqb3V; Expires=Mon, 20 Apr 2026 00:37:51 GMT; Path=/; SameSite=None; Secure
LiSESSIONID=8797DAE97B0DBD00C45F53451251D849; Path=/; Secure; HttpOnly;SameSite=None;SameSite=None
LithiumVisitor=~2cmxU9WdpxlcKbw03~UChgH_GqT7ghXWWzbvB1dNbTsHFTqBgbti0acg2adV0Xn3YLhQGlnI9uLkyahWwdXk1hvJWHPHCQZIOvd_xiEw..; Path=/; HttpOnly; Max-Age=15780000; Secure; SameSite=None
LithiumTimezonePreferences=US%2FPacific; Path=/; Expires=Tue, 14 Apr 2026 00:37:51 GMT; SameSite=Lax
csrf-aurora=854d6ad97e9e625cdbd56439dd8862844b7570f3edc92d7d5aa7963f227e7b3ba9c3b66c83823f04a6ff1d9fb3467d5bc23cd40ae8d9fac3112e22aec1d92321%7C37b19a728f8f4ea8557c3770793cda798d628f5260bcf645b5a71b5daf51ce55; Path=/; HttpOnly; Secure; SameSite=Strict

Other Headers

Date

Other

Mon, 13 Apr 2026 00:37:52 GMT

Via

Other

1.1 b552372cc6117196616936cdcc1d1104.cloudfront.net (CloudFront)

X-Amz-Cf-Id

Other

Q_M1lLKwmEPqRQO6DnsM7wNOMB1ccL5ZN5snufy1uIpJ90bWykTT1A==

X-Amz-Cf-Pop

Other

IAD61-P11

X-Cache

Other

Miss from cloudfront

X-Dns-Prefetch-Control

Other

off

X-Download-Options

Other

noopen

X-Permitted-Cross-Domain-Policies

Other

none

date: Mon, 13 Apr 2026 00:37:52 GMT
via: 1.1 b552372cc6117196616936cdcc1d1104.cloudfront.net (CloudFront)
x-amz-cf-id: Q_M1lLKwmEPqRQO6DnsM7wNOMB1ccL5ZN5snufy1uIpJ90bWykTT1A==
x-amz-cf-pop: IAD61-P11
x-cache: Miss from cloudfront
x-dns-prefetch-control: off
x-download-options: noopen
x-permitted-cross-domain-policies: none

Recommendations

Enable compression (gzip/brotli) to improve performance