HTTP Headers Analysis for https://trust.everfox.com

Detected Technologies from Headers

See all in URL Inspect 21

AWS CloudFront

Amplitude

AWS Active incidents

Amazon S3

Azure Blob Storage

Cloudflare CDN

Datadog

DocuSign

Firebase

Google API JS Client

Google Cloud Storage

Google Fonts

Google Sign-In

G Workspace

Intercom

jsDelivr

LogRocket

Looker

Loom

Pusher

Zendesk

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=15552000; includeSubDomains; preload

Content-Security-Policy

Basic

frame-ancestors; block-all-mixed-content; default-src; +14 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Accept-Ranges

Performance

bytes

Connection

Performance

close

Transfer-Encoding

Performance

chunked

Vary

Performance

Origin

accept-ranges: bytes
connection: close
transfer-encoding: chunked
vary: Origin

Caching Headers

Age

Caching

834

Cache-Control

Caching

public, max-age=31536000, immutable

Expires

Caching

Thu, 13 May 2027 08:58:14 GMT

Last-Modified

Caching

Tue, 12 May 2026 08:12:00 GMT

age: 834
cache-control: public, max-age=31536000, immutable
expires: Thu, 13 May 2027 08:58:14 GMT
last-modified: Tue, 12 May 2026 08:12:00 GMT

Content Headers

Content-Type

Content

text/html

content-type: text/html

Server Headers

Server

cloudflare

server: cloudflare

CORS Headers

No CORS headers found

Cookies Headers

No cookies headers found

Other Headers

Alt-Svc

Other

h3=":443"; ma=86400

Cf-Cache-Status

Other

DYNAMIC

Cf-Ray

Other

9fb08a2d7d0a1b39-IAD

Date

Other

Wed, 13 May 2026 09:12:08 GMT

Via

Other

1.1 google

X-Goog-Generation

Other

1778573520573143

X-Goog-Hash

Other

crc32c=9nJgFQ==, md5=YM9+1B9PXh8MNcvcNOyRbQ==

X-Goog-Meta-Goog-Reserved-File-Mtime

Other

1778148083

X-Goog-Metageneration

Other

1

X-Goog-Storage-Class

Other

STANDARD

X-Goog-Stored-Content-Encoding

Other

identity

X-Goog-Stored-Content-Length

Other

92685

X-Guploader-Uploadid

Other

AAVLpEg9YKj8AGRjnADEE2Ar1ZlTiyUHz4lpZ3DK3SK-gKhishnpxjHfvIU2m5aqyDPSHyA4

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 9fb08a2d7d0a1b39-IAD
date: Wed, 13 May 2026 09:12:08 GMT
via: 1.1 google
x-goog-generation: 1778573520573143
x-goog-hash: crc32c=9nJgFQ==, md5=YM9+1B9PXh8MNcvcNOyRbQ==
x-goog-meta-goog-reserved-file-mtime: 1778148083
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 92685
x-guploader-uploadid: AAVLpEg9YKj8AGRjnADEE2Ar1ZlTiyUHz4lpZ3DK3SK-gKhishnpxjHfvIU2m5aqyDPSHyA4

Recommendations

Enable compression (gzip/brotli) to improve performance