HTTP Headers Analysis for https://www.payoneer.com

Detected Technologies from Headers

See all in URL Inspect 68

AWS CloudFront

Google AdSense

Chili Piper

CodeJudge

Oracle Cloud

Google Tag Manager

UserWay

Bing

SalesLoft

Google Cloud Run

Amplitude

Kinsta Active incidents

Amazon Advertising

AppNexus (Xandr)

PartnerStack

Fullstory

Klenty

Yahoo

HubSpot Forms

TrackJS

Factors.AI

Trustpilot

Google DoubleClick

TeamMe

Google Analytics

Microsoft Advertising

Google Conversion Tracking

Trendemon

6sense

Report URI

Cloudflare CDN Active incidents

Greenhouse

Google Cloud Storage

Google Static File Front End

Geoapify

Twitter

Qualtrics

ShareThis

HubSpot Analytics

Drift

unpkg

Google Search

BootstrapCDN

Yandex

Cloudflare Active incidents

Adobe Marketo

Facebook

Amazon S3

Mouseflow

OneTrust

GitHub Active incidents

Dynatrace

TikTok

AWS

Taboola

Google Optimize

Convert

HubSpot

Highcharts

Quora

YouTube

The Trade Desk

Microsoft Clarity

Optimizely

jsDelivr

Google Cloud

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31536000; includesubdomains; preload

Content-Security-Policy

Basic

frame-src; script-src; connect-src; +3 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

no-referrer-when-downgrade

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Consider adding Permissions-Policy to control browser features

Performance Headers

Accept-Ranges

Performance

bytes

Connection

Performance

close

Vary

Performance

Accept-Encoding

accept-ranges: bytes
connection: close
vary: Accept-Encoding

Caching Headers

Age

Caching

1362

Cache-Control

Caching

max-age=86400, s-maxage=86400, public

Etag

Caching

"4590c7e3d7eae25b90fc8c81f89e1d39"

Last-Modified

Caching

Tue, 28 Apr 2026 08:45:11 GMT

age: 1362
cache-control: max-age=86400, s-maxage=86400, public
etag: "4590c7e3d7eae25b90fc8c81f89e1d39"
last-modified: Tue, 28 Apr 2026 08:45:11 GMT

Content Headers

Content-Length

Content

732454

Content-Type

Content

text/html

content-length: 732454
content-type: text/html

Server Headers

No server headers found

CORS Headers

Access-Control-Allow-Origin

Cors

https://registration.powerappsportals.com

access-control-allow-origin: https://registration.powerappsportals.com

Cookies Headers

No cookies headers found

Other Headers

Alt-Svc

Other

clear

Date

Other

Tue, 28 Apr 2026 20:33:19 GMT

Via

Other

1.1 fab6b8748e77d595c3927b3323efa8de.cloudfront.net (CloudFront), 1.1 google

X-Amz-Cf-Id

Other

MfE-jboHKTO2Kax2N2HLlRBBNsYpJKRedQIFPBlqomz4WGtkFqqg8g==

X-Amz-Cf-Pop

Other

CDG50-P5

X-Amz-Server-Side-Encryption

Other

AES256

X-Cache

Other

Miss from cloudfront

alt-svc: clear
date: Tue, 28 Apr 2026 20:33:19 GMT
via: 1.1 fab6b8748e77d595c3927b3323efa8de.cloudfront.net (CloudFront), 1.1 google
x-amz-cf-id: MfE-jboHKTO2Kax2N2HLlRBBNsYpJKRedQIFPBlqomz4WGtkFqqg8g==
x-amz-cf-pop: CDG50-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

Recommendations

Enable compression (gzip/brotli) to improve performance