HTTP Headers Analysis for https://support.myob.com

Detected Technologies from Headers

See all in URL Inspect 2

Cloudflare CDN

Google Fonts

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31536000

Content-Security-Policy

Weak

upgrade-insecure-requests Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Good

no-referrer-when-downgrade

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Significantly strengthen CSP directives
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

connection: close
transfer-encoding: chunked

Caching Headers

Cache-Control

Caching

s-maxage=36000, max-age=5

Last-Modified

Caching

Sat, 04 Apr 2026 00:50:33 GMT

cache-control: s-maxage=36000, max-age=5
last-modified: Sat, 04 Apr 2026 00:50:33 GMT

Content Headers

Content-Type

Content

text/html; charset=UTF-8

content-type: text/html; charset=UTF-8

Server Headers

Server

cloudflare

server: cloudflare

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: hs-membership-csrf=rw5qbw5y0ie9a7-MS0MLog; Path=/; Secure
__cf_bm=A0rZ5h6Z1SNLDl5mpvMWrvp13PhVh80G780_v7QaaG8-1775858264-1.0.1.1-8mO0CQtr40Dv95xqlyYUqodmVib.kH0y0FVf7u1V5AA4bhwmsIv_9SnxIoDFEDWpSwANZtk4JimrvrXn2u89ksUtJ5YaNAR406U7ZvIallQ; path=/; expires=Fri, 10-Apr-26 22:27:44 GMT; domain=.enterprisesupport.myob.com; HttpOnly; Secure; SameSite=None
_cfuvid=lxfZdea4PihJcYdq8q1n.4Otq5q2ui.JByoUxCkQpa8-1775858264024-0.0.1.1-604800000; path=/; domain=.enterprisesupport.myob.com; HttpOnly; Secure; SameSite=None

Other Headers

Alt-Svc

Other

h3=":443"; ma=86400

Cf-Ray

Other

9ea50245db72c5ce-IAD

Date

Other

Fri, 10 Apr 2026 21:57:44 GMT

Edge-Cache-Tag

Other

CT-0,P-23558368,CW-185316483202,E-137736542282,E-150910158515,E-150930264693,E-97761388545,E-97761502824,E-97761552821,E-97761558185,E-97761562798,E-97782852353,RA-218994345420,PGS-ALL,SW-0,GC-210335417801,TS-97761505332

Link

Other

URL

https://fonts.googleapis.com

rel=preconnect

URL

https://fonts.gstatic.com

rel=preconnect

X-Hs-Cache-Config

Other

BrowserCache-5s-EdgeCache-180s

X-Hs-Cache-Control

Other

s-maxage=36000, max-age=0

X-Hs-Cf-Cache-Status

Other

HIT

X-Hs-Cfworker-Meta

Other

{"contentType":"membership-page","resolver":"PreRenderedContentResolver"}

X-Hs-Hub-Id

Other

23558368

X-Hs-Portal-Id

Other

23558368

X-Hs-Prerendered

Other

Sat, 04 Apr 2026 00:50:33 GMT

alt-svc: h3=":443"; ma=86400
cf-ray: 9ea50245db72c5ce-IAD
date: Fri, 10 Apr 2026 21:57:44 GMT
edge-cache-tag: CT-0,P-23558368,CW-185316483202,E-137736542282,E-150910158515,E-150930264693,E-97761388545,E-97761502824,E-97761552821,E-97761558185,E-97761562798,E-97782852353,RA-218994345420,PGS-ALL,SW-0,GC-210335417801,TS-97761505332
link: <https://fonts.googleapis.com>; rel=preconnect,<https://fonts.gstatic.com>; rel=preconnect
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cache-control: s-maxage=36000, max-age=0
x-hs-cf-cache-status: HIT
x-hs-cfworker-meta: {"contentType":"membership-page","resolver":"PreRenderedContentResolver"}
x-hs-hub-id: 23558368
x-hs-portal-id: 23558368
x-hs-prerendered: Sat, 04 Apr 2026 00:50:33 GMT

Recommendations

Enable compression (gzip/brotli) to improve performance