32 Headers

HTTP Security Headers

Status
Strict-Transport-Security
Excellent
max-age=63072000; includeSubDomains; preload
Content-Security-Policy
Weak
frame-ancestors; report-uri; report-to Analyze
Content-Security-Policy-Report-Only
Basic
style-src; script-src; img-src Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Significantly strengthen CSP directives
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

Performance Headers

Accept-Ranges
Performance
bytes
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
Origin, Accept-Encoding

Caching Headers

Age
Caching
41760
Cache-Control
Caching
no-store, max-age=0, stale-if-error=0
Etag
Caching
"41f2a173bc5fdba1539139133dffa7b7"
Last-Modified
Caching
Fri, 17 Jul 2026 00:22:48 GMT

Content Headers

Content-Type
Content
text/html

Server Headers

Server
Server
AtlassianEdge

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie
Cookies

Other Headers

Atl-Request-Id
Other
ab7da5d4-8b10-475e-ba0b-d6b0af021406
Atl-Traceid
Other
ab7da5d48b10475eba0bd6b0af021406
Date
Other
Sat, 18 Jul 2026 19:18:00 GMT
Nel
Other
Report-To Group endpoint-1 max-age: 10m
failure: 1.0% include subdomains
Report-To
Other
Group endpoint-1 max-age: 10m
Reporting-Endpoints
Other
csp-default-endpoint="https://web-security-reports.services.atlassian.com/csp-report/jira-fe"
Server-Timing
Other
cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=40,cdn-upstream-connect;dur=3,cdn-upstream-fbl;dur=95,atl-edge;dur=89,atl-edge-internal;dur=11,atl-edge-upstream;dur=78,atl-edge-pop;desc="aws-us-east-1",cdn-cache-miss,cdn-pop;desc="IAD61-P13",cdn-rid;desc="92BuvLST2A18BqdtxiFuHh2ATufli2hUy9pUvMTFXKSEDOZEsyCP2g==",cdn-downstream-fbl;dur=145
Timing-Allow-Origin
Other
*
Via
Other
1.1 e782b84fb3fbef3e995fe26d05da180c.cloudfront.net (CloudFront), 1.1 04d8137eba39d404a430316a46dde298.cloudfront.net (CloudFront)
X-Amz-Cf-Id
Other
92BuvLST2A18BqdtxiFuHh2ATufli2hUy9pUvMTFXKSEDOZEsyCP2g==
X-Amz-Cf-Pop
Other
IAD61-P7, IAD61-P13
X-Amz-Replication-Status
Other
COMPLETED
X-Amz-Server-Side-Encryption
Other
AES256
X-Amz-Version-Id
Other
_InnKlhY2XgG4eka5VDuFQht6DxyCuPw
X-Cache
Other
Miss from cloudfront
X-Cache-Status
Other
HIT

Recommendations

Enable compression (gzip/brotli) to improve performance