HTTP Headers Analysis for https://careers.circle.com

Detected Technologies from Headers

See all in URL Inspect 1

AWS CloudFront

HTTP Security Headers

Status

Strict-Transport-Security

Excellent

max-age=63072000; includeSubDomains; preload

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Basic

script-src; frame-ancestors; base-uri; +2 more Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

strict-origin-when-cross-origin

Permissions-Policy

Missing

Not configured

Recommendations

• Add Content-Security-Policy header to prevent XSS attacks
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

Vary

Performance

Accept-Encoding, Origin

connection: close
transfer-encoding: chunked
vary: Accept-Encoding, Origin

Caching Headers

Cache-Control

Caching

no-cache, no-store, must-revalidate

Pragma

Caching

no-cache

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache

Content Headers

Content-Type

Content

text/html; charset=UTF-8

content-type: text/html; charset=UTF-8

Server Headers

No server headers found

CORS Headers

Access-Control-Allow-Origin

Cors

https://careers.circle.com

access-control-allow-origin: https://careers.circle.com

Cookies Headers

Set-Cookie

Cookies

set-cookie: PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7IkpTRVNTSU9OSUQiOiI1MDQ4NmUzMi04NTUyLTQyZjktYWExNC04NGYzYjEwMDQ1YmYiLCJjc3JmVG9rZW4iOiJjZWQ2YTQ1ZTU5ODg0MWY3YTBjZjk3Njg1NzhlNDRiYyJ9LCJuYmYiOjE3NzgzMDgyNDEsImlhdCI6MTc3ODMwODI0MX0.r2fBl0geDMqeZDVVXnbiCWU71nsTFzrqClMSe5CWoU8; Path=/; Secure; HTTPOnly
PHPPPE_ACT=50486e32-8552-42f9-aa14-84f3b10045bf; Path=/; Secure
VISITED_LANG=en; Max-Age=31536000; Expires=Sun, 09 May 2027 06:30:41 GMT; Path=/; Secure
VISITED_COUNTRY=us; Max-Age=31536000; Expires=Sun, 09 May 2027 06:30:41 GMT; Path=/; Secure

Other Headers

Date

Other

Sat, 09 May 2026 06:30:41 GMT

Via

Other

1.1 598d87b7aabfe9af537b98f78145120e.cloudfront.net (CloudFront)

X-Amz-Cf-Id

Other

1ySAK39fSn5wVKnD3Q3btM4S2RnIGu5FY5NFIomanBm-IodtVePFCQ==

X-Amz-Cf-Pop

Other

IAD55-P6

X-Cache

Other

Miss from cloudfront

X-Permitted-Cross-Domain-Policies

Other

master-only

date: Sat, 09 May 2026 06:30:41 GMT
via: 1.1 598d87b7aabfe9af537b98f78145120e.cloudfront.net (CloudFront)
x-amz-cf-id: 1ySAK39fSn5wVKnD3Q3btM4S2RnIGu5FY5NFIomanBm-IodtVePFCQ==
x-amz-cf-pop: IAD55-P6
x-cache: Miss from cloudfront
x-permitted-cross-domain-policies: master-only

Recommendations

Enable compression (gzip/brotli) to improve performance