HTTP Headers Analysis for https://connect.schoolstatus.com

Detected Technologies from Headers

See all in URL Inspect 4

Google API JS Client

Google Fonts

Heroku

Sentry

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=63072000; includeSubDomains

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Basic

child-src; connect-src; default-src; +9 more Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

strict-origin-when-cross-origin

Permissions-Policy

Missing

Not configured

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Add Content-Security-Policy header to prevent XSS attacks
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

Vary

Performance

Accept-Encoding, Origin

connection: close
vary: Accept-Encoding, Origin

Caching Headers

Cache-Control

Caching

max-age=0, private, must-revalidate

Etag

Caching

W/"af1d4df14e9f3eda85156d128207865a"

cache-control: max-age=0, private, must-revalidate
etag: W/"af1d4df14e9f3eda85156d128207865a"

Content Headers

Content-Length

Content

34911

Content-Type

Content

text/html; charset=utf-8

content-length: 34911
content-type: text/html; charset=utf-8

Server Headers

Server

Heroku

X-Runtime

Server

0.018813

server: Heroku
x-runtime: 0.018813

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: suppress_zendesk=false; path=/; samesite=none; secure
current_timezone=America%2FNew_York; path=/; samesite=none; secure
current_timezone_title=America+-+New+York; path=/; samesite=none; secure
_classtag_session=rxrGGls5zpMruKrYFAI5Xb4TTOxYO24HA1hhpRATxsKxKxZx1R6bFEhWFjoZmPGARlJCnWCF1Ej61DQubiadsuHFgQoAeCOKMoMaqkgQLVbfQZL0yHoQ%2BfxpU32F9MkRZZ8F%2FTbx%2BNg4JCkAqYWNDOO2nIWz4DA5jjqy3x0KtuoauHILr0%2FDoIegiAfmPWUBEDPk%2FDzM0ysSEOP4LNKQ8kVWo74ioTNxasQubqo8YvkED%2B7aVKEA%2Fa3SxDRIsNWgri%2BQdLnCx1TVRoE4%2BDKaY60fCZEv75nigmlaLgPBBz4reo7%2F%2BidLBFKukMAwyAJThVDpAgnHrUb182aSpjbjynKW3BkAhVI%2FnVU6iONJuxShkxiCt9Xz0MBUBmNimHR68Ux8gIZ0eMeFt9%2B6dMP4Gn4871MwimM8THU4PPCZZCqjHC%2FNOko%2B1us5epxLLqkmqQT09QpTn5gsh%2BgnohoYFJCIky2ua7mrPg%3D%3D--OYjrOowVrhnUGJ6C--nkmaaFI33oSwi%2BFt0jJPdg%3D%3D; path=/; secure; httponly; samesite=none

Other Headers

Date

Other

Fri, 08 May 2026 21:50:47 GMT

Link

Other

URL https://assets.connect.schoolstatus.com/assets/application-180aa28a9a006a111ba059366072bdcff7586459fa4e731e8ae510033a2a2468.css

rel=preload as=style nopush

URL

//fonts.googleapis.com/css?family=Open+Sans:400italic,500italic,600italic,400,500,600&display=swap

rel=preload as=style nopush

URL

//apis.google.com/js/api.js

rel=preload as=script nopush

URL https://assets.connect.schoolstatus.com/assets/application-0670661ffeab2107defc69739871b32485b865eeb044ef4a1e02c539c9c67bd7.js

rel=preload as=script nopush

Nel

Other

Report-To Group heroku-nel max-age: 1h

success: 1.0% failure: 10.0%

Report-To

Other

Group heroku-nel max-age: 1h

Endpoint 1 https://nel.heroku.com/reports?s=G6ryIsqv4DDzPcWc%2FjK9k5XRbxg%2F9NZZmPbhWNO7i4Q%3D&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&ts=1778277047

Reporting-Endpoints

Other

heroku-nel="https://nel.heroku.com/reports?s=G6ryIsqv4DDzPcWc%2FjK9k5XRbxg%2F9NZZmPbhWNO7i4Q%3D&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&ts=1778277047"

Via

Other

1.1 heroku-router

X-Permitted-Cross-Domain-Policies

Other

none

X-Request-Id

Other

56740a9e-c7a6-ba3f-d085-bf1c0a13626a

date: Fri, 08 May 2026 21:50:47 GMT
link: <https://assets.connect.schoolstatus.com/assets/application-180aa28a9a006a111ba059366072bdcff7586459fa4e731e8ae510033a2a2468.css>; rel=preload; as=style; nopush,<//fonts.googleapis.com/css?family=Open+Sans:400italic,500italic,600italic,400,500,600&display=swap>; rel=preload; as=style; nopush,<//apis.google.com/js/api.js>; rel=preload; as=script; nopush,<https://assets.connect.schoolstatus.com/assets/application-0670661ffeab2107defc69739871b32485b865eeb044ef4a1e02c539c9c67bd7.js>; rel=preload; as=script; nopush,<https://assets.connect.schoolstatus.com/packs/css/defaultVendors-node_modules_classtag_ui_lib_Avatar_js-node_modules_classtag_ui_lib_CardViewTi-6be3de-c2faea72.css>; rel=preload; as=style; nopush,<https://assets.connect.schoolstatus.com/packs/css/application-aafdb0c4.css>; rel=preload; as=style; nopush
nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
report-to: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=G6ryIsqv4DDzPcWc%2FjK9k5XRbxg%2F9NZZmPbhWNO7i4Q%3D\u0026sid=af571f24-03ee-46d1-9f90-ab9030c2c74c\u0026ts=1778277047"}],"max_age":3600}
reporting-endpoints: heroku-nel="https://nel.heroku.com/reports?s=G6ryIsqv4DDzPcWc%2FjK9k5XRbxg%2F9NZZmPbhWNO7i4Q%3D&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&ts=1778277047"
via: 1.1 heroku-router
x-permitted-cross-domain-policies: none
x-request-id: 56740a9e-c7a6-ba3f-d085-bf1c0a13626a

Recommendations

Enable compression (gzip/brotli) to improve performance