# Changelog for July 17th, 2026

New HTTP uptime header assertions, redesigned homepage, stronger SSRF protection, and improved uptime reports

## New
- Added support for new HTTP uptime assertions:
  - Header does not exist
  - Header does not contain (now also passes when the header is absent)

## Improvements

* Redesigned the **Oh Dear homepage** and made significant performance improvements across the marketing site.
* Improved the **monthly uptime report** email with a refreshed design and clearer presentation.

## Security

* Strengthened SSRF protections by preventing monitors from being created with private or reserved IP addresses.
* Extended SSRF validation to redirects, crawler requests, and sitemap fetches.

## Fixes

* Fixed a server error when a scheduled task had no timezone configured by falling back to UTC.
* Fixed cross-tenant write and delete operations on shared resources.
* Fixed API validation to handle invalid monitor types gracefully.
* Fixed Slack **"Check again"** actions that could leave downtime alerts stuck in a running state.