HTTP Headers Analysis for https://trust.truecontext.com

Detected Technologies from Headers

See all in URL Inspect 18

Amazon S3

Blackbaud Active incidents

Cloudflare CDNJS

Contentful

DocuSign

Google Analytics

Google Fonts

Google Search

Google Tag Manager

Loom

Nginx

OneTrust

Sentry

Statuspage

Tealium

Wistia

YouTube

Express

HTTP Security Headers

Status

Strict-Transport-Security

Excellent

max-age=31536000; includeSubDomains; preload

Content-Security-Policy

Good

default-src; script-src; style-src; +9 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

strict-origin

Permissions-Policy

Present

accelerometer=(), ambient-light-sensor=(), autoplay=(); +20 more

Recommendations

• Strengthen CSP by removing 'unsafe-eval'
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking

Performance Headers

Connection

Performance

close

Vary

Performance

Accept-Encoding, Accept-Encoding, Accept-Encoding

connection: close
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding

Caching Headers

Cache-Control

Caching

private, max-age=0, no-cache, no-store

Etag

Caching

W/"10add-D8B/ycgKlbttHVqoye/NTvTmU2M"

cache-control: private, max-age=0, no-cache, no-store
etag: W/"10add-D8B/ycgKlbttHVqoye/NTvTmU2M"

Content Headers

Content-Length

Content

68317

Content-Type

Content

text/html; charset=utf-8

content-length: 68317
content-type: text/html; charset=utf-8

Server Headers

Server

nginx

X-Powered-By

Server

Express

server: nginx
x-powered-by: Express

CORS Headers

No CORS headers found

Cookies Headers

No cookies headers found

Other Headers

Date

Other

Mon, 04 May 2026 03:40:33 GMT

Report-To

Other

Group csp-endpoint max-age: 18w

Endpoint 1 https://o877899.ingest.us.sentry.io/api/5829161/security/?sentry_key=50db7adcd8ca46c29042311c89aa0772

X-Ratelimit-Limit

Other

50

X-Ratelimit-Remaining

Other

49

X-Ratelimit-Reset

Other

1777866334

date: Mon, 04 May 2026 03:40:33 GMT
report-to: {"group":"csp-endpoint","max_age":10886400,"endpoints":[{"url":"https://o877899.ingest.us.sentry.io/api/5829161/security/?sentry_key=50db7adcd8ca46c29042311c89aa0772"}],"include_subdomains":true}
x-ratelimit-limit: 50
x-ratelimit-remaining: 49
x-ratelimit-reset: 1777866334

Recommendations

Enable compression (gzip/brotli) to improve performance

Consider removing X-Powered-By header to hide server technology