HTTP Headers Analysis for https://id.xoom.com

Detected Technologies from Headers

See all in URL Inspect 25

AWS CloudFront

PayPal

Amplitude

Amazon S3

Microsoft Advertising

Braintree

Contentful

Datadog

Envoy

Facebook

Google Analytics

Google API JS Client

Google Conversion Tracking

Google DoubleClick

Google Fonts

Google reCAPTCHA

Google Search

Google Static File Front End

Google Tag Manager

Mixpanel Active incidents

New Relic

Segment

Trustpilot

Varnish

Google Cloud

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=15768000; includeSubDomains

Content-Security-Policy

Basic

style-src; base-uri; script-src; +9 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Accept-Ranges

Performance

bytes

Connection

Performance

close

Vary

Performance

RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding

accept-ranges: bytes
connection: close
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding

Caching Headers

Age

Caching

0

Cache-Control

Caching

no-cache, no-store

age: 0
cache-control: no-cache, no-store

Content Headers

Content-Length

Content

216090

Content-Type

Content

text/html; charset=utf-8

content-length: 216090
content-type: text/html; charset=utf-8

Server Headers

No server headers found

CORS Headers

No CORS headers found

Cookies Headers

No cookies headers found

Other Headers

Backend-Ip

Other

205.189.102.36

Date

Other

Wed, 06 May 2026 05:59:46 GMT

Via

Other

1.1 varnish, 1.1 varnish

X-Cache

Other

MISS, MISS, MISS

X-Cache-Hits

Other

0, 0, 0

X-Envoy-Upstream-Service-Time

Other

78

X-Served-By

Other

cache-iad-kcgs7200090-IAD, cache-iad-kcgs7200040-IAD

X-Timer

Other

S1778047186.262597,VS0,VE476

X-Xoom-Requestid

Other

256360f7-7cd0-4bc4-960a-1811d297d9ad

X-Xoom-Traceid

Other

984836943279161653

backend-ip: 205.189.102.36
date: Wed, 06 May 2026 05:59:46 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-envoy-upstream-service-time: 78
x-served-by: cache-iad-kcgs7200090-IAD, cache-iad-kcgs7200040-IAD
x-timer: S1778047186.262597,VS0,VE476
x-xoom-requestid: 256360f7-7cd0-4bc4-960a-1811d297d9ad
x-xoom-traceid: 984836943279161653

Recommendations

Enable compression (gzip/brotli) to improve performance