HTTP Headers Analysis for https://mix.nuance.ca

Detected Technologies from Headers

See all in URL Inspect 14

UserWay

Azure Blob Storage

Envoy

Font Awesome

Google Analytics

Google DoubleClick

Google Fonts

Google Tag Manager

jsDelivr

Microsoft 365

RawGit

Vimeo

WordPress.com

Microsoft Azure

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=31536000; includeSubDomains

Content-Security-Policy

Good

default-src; style-src; font-src; +6 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Strengthen CSP by removing 'unsafe-eval'
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Accept-Ranges

Performance

bytes

Connection

Performance

close

accept-ranges: bytes
connection: close

Caching Headers

Cache-Control

Caching

no-cache

Etag

Caching

"69c10769-441d"

Expires

Caching

Sat, 11 Apr 2026 13:33:02 GMT

Last-Modified

Caching

Mon, 23 Mar 2026 09:27:05 GMT

cache-control: no-cache
etag: "69c10769-441d"
expires: Sat, 11 Apr 2026 13:33:02 GMT
last-modified: Mon, 23 Mar 2026 09:27:05 GMT

Content Headers

Content-Length

Content

17437

Content-Type

Content

text/html; charset=UTF-8

content-length: 17437
content-type: text/html; charset=UTF-8

Server Headers

Server

envoy

server: envoy

CORS Headers

No CORS headers found

Cookies Headers

No cookies headers found

Other Headers

Date

Other

Sat, 11 Apr 2026 13:33:03 GMT

X-Envoy-Upstream-Service-Time

Other

1

date: Sat, 11 Apr 2026 13:33:03 GMT
x-envoy-upstream-service-time: 1

Recommendations

Enable compression (gzip/brotli) to improve performance