HTTP Headers Analysis for https://ideas.itslearning.com

Detected Technologies from Headers

See all in URL Inspect 1

OpenResty

HTTP Security Headers

Status

Strict-Transport-Security

Excellent

max-age=63072000; includeSubDomains; preload

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

strict-origin-when-cross-origin

Permissions-Policy

Present

geolocation=(), microphone=(), payment=()

Recommendations

• Add Content-Security-Policy header to prevent XSS attacks

Performance Headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

connection: close
transfer-encoding: chunked

Caching Headers

Cache-Control

Caching

no-store

Etag

Caching

W/"a1ee65452b6746ef9ce29b1f28d6737b"

Expires

Caching

Fri, 01 Jan 1970 00:00:00 GMT

Pragma

Caching

no-cache

cache-control: no-store
etag: W/"a1ee65452b6746ef9ce29b1f28d6737b"
expires: Fri, 01 Jan 1970 00:00:00 GMT
pragma: no-cache

Content Headers

Content-Type

Content

text/html; charset=utf-8

content-type: text/html; charset=utf-8

Server Headers

Server

openresty

X-Runtime

Server

0.203433

server: openresty
x-runtime: 0.203433

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: _aha_app_2=blt9NloE5ily0TGjF5fMOb0%2BvSVNp%2BP5mK%2BCmwzeTwu9bnMxP3N3QcS3OHM52ATv0emH1jD%2FB3NL%2FA55L%2FwM7mc%2F7AJanzFX6kV9LH8JGpmSCLT3d2usZcMqRalM2f2dtrHL8c4HOP%2FrFi2DapA7UwfLR1fNcrxw8fPUaF0g2VzPdkpXK5Fcw%2Bhy2BoPmxslWQ%2FdhdBKA%2BKI3tnerCKwcR9r72fjAyGRZCXMWyrtTI4KaUS7yqR%2FDBOrg7ziam4HC92uPfhzYQJiY58somLq7nrN--Ts01QmtyNXmjAMOi--ZXGFo6ghEEmQO0jm0Bujkg%3D%3D; path=/; secure; HttpOnly; SameSite=Lax

Other Headers

Date

Other

Fri, 08 May 2026 02:44:32 GMT

Feature-Policy

Other

geolocation 'none'; microphone 'none'; payment 'none'

Link

Other

URL https://ideas.itslearning.com/assets/idea_portals-v2-4640170041a50f46ec4bb08afa49bd6b.css

rel=preload as=style nopush

URL https://ideas.itslearning.com/assets/runtime-v2-2c89439f9bd3cd1a2ab3ab8f49a53aaf.js

rel=preload as=script nopush

URL https://ideas.itslearning.com/assets/vendor-v2-684079ac4009ba0e368b3005a19e8b75.js

rel=preload as=script nopush

URL https://ideas.itslearning.com/assets/idea_portals-v2-15f9e1547024127007737fad9e3f27db.js

rel=preload as=script nopush

P3p

Other

CP="Aha! does not have a P3P policy. http://www.aha.io/legal/privacy_policy"

X-Permitted-Cross-Domain-Policies

Other

none

X-Request-Id

Other

a33afe71-3c13-4dba-bc3a-43bd70954421

date: Fri, 08 May 2026 02:44:32 GMT
feature-policy: geolocation 'none'; microphone 'none'; payment 'none'
link: <https://ideas.itslearning.com/assets/idea_portals-v2-4640170041a50f46ec4bb08afa49bd6b.css>; rel=preload; as=style; nopush,<https://ideas.itslearning.com/assets/runtime-v2-2c89439f9bd3cd1a2ab3ab8f49a53aaf.js>; rel=preload; as=script; nopush,<https://ideas.itslearning.com/assets/vendor-v2-684079ac4009ba0e368b3005a19e8b75.js>; rel=preload; as=script; nopush,<https://ideas.itslearning.com/assets/idea_portals-v2-15f9e1547024127007737fad9e3f27db.js>; rel=preload; as=script; nopush
p3p: CP="Aha! does not have a P3P policy. http://www.aha.io/legal/privacy_policy"
x-permitted-cross-domain-policies: none
x-request-id: a33afe71-3c13-4dba-bc3a-43bd70954421

Recommendations

Enable compression (gzip/brotli) to improve performance