HTTP Headers Analysis for https://live.prontoforms.com

Detected Technologies from Headers

See all in URL Inspect 17

AWS Active incidents

AWS CloudFront

Amazon S3

Box

Google API JS Client

Google Static File Front End

New Relic

Nginx

Salesforce Cloud

Salesforce Sites

Sentry Active incidents

Statuspage

Wistia

YouTube

Zendesk

Google Cloud

Google Cloud Storage

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=31536000; includeSubDomains

Content-Security-Policy

Basic

default-src; style-src; script-src; +9 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

strict-origin-when-cross-origin

Permissions-Policy

Present

geolocation=(), microphone=(), camera=(); +2 more

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Improve CSP by adding more specific directives and removing 'unsafe-inline'

Performance Headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

connection: close
transfer-encoding: chunked

Caching Headers

Cache-Control

Caching

no-store

Expires

Caching

0

Pragma

Caching

no-cache

cache-control: no-store
expires: 0
pragma: no-cache

Content Headers

Content-Language

Content

en-US

Content-Type

Content

text/html;charset=UTF-8

content-language: en-US
content-type: text/html;charset=UTF-8

Server Headers

Server

nginx

server: nginx

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: AWSALBTG=jEoN1hd6Jj6mtIBbzVRTG70jmWYJDNpv2j8QgdBaSy7gApKiDYUakRpbVAI2uIOjVlPsEjiXEwTmxKhY1tSRa26hJCozfafsBD6o5iGRX7QINWg9J2ghxt2IU4QYe/0lzELTm6+EjI6P3BAm96nqA+USCbFU8SHnttI1zUu2uHVHakvV9zo=; Expires=Tue, 19 May 2026 19:56:28 GMT; Path=/
AWSALBTGCORS=jEoN1hd6Jj6mtIBbzVRTG70jmWYJDNpv2j8QgdBaSy7gApKiDYUakRpbVAI2uIOjVlPsEjiXEwTmxKhY1tSRa26hJCozfafsBD6o5iGRX7QINWg9J2ghxt2IU4QYe/0lzELTm6+EjI6P3BAm96nqA+USCbFU8SHnttI1zUu2uHVHakvV9zo=; Expires=Tue, 19 May 2026 19:56:28 GMT; Path=/; SameSite=None; Secure
AWSALB=H+vRwl5tJaZB/ABZRwolOFd2e20B11+9MYY37u6aHcgTfCZeiZ8h97eT2QiEvjSsJ+z28qA8i0E6j+LeWMAxbuSUywpEHZkY5V97t18lXDsX97QDhMAawEzgG9VS; Expires=Tue, 19 May 2026 19:56:28 GMT; Path=/
AWSALBCORS=H+vRwl5tJaZB/ABZRwolOFd2e20B11+9MYY37u6aHcgTfCZeiZ8h97eT2QiEvjSsJ+z28qA8i0E6j+LeWMAxbuSUywpEHZkY5V97t18lXDsX97QDhMAawEzgG9VS; Expires=Tue, 19 May 2026 19:56:28 GMT; Path=/; SameSite=None; Secure
JSESSIONID=CFBB2A09B5741A0B932101E70CB88512; Path=/; Secure; HttpOnly; SameSite=Lax

Other Headers

Date

Other

Tue, 12 May 2026 19:56:28 GMT

Via

Other

1.1 a1ec4a9de0c6900e92b419e90a84dd82.cloudfront.net (CloudFront)

X-Amz-Cf-Id

Other

jKwbLAcMeal8g25001EwhKkPDPG3HFUpUA2V31eXUlGXCBk4SbA7kw==

X-Amz-Cf-Pop

Other

IAD61-P11

X-Cache

Other

Miss from cloudfront

X-Csrf-Token

Other

lKZr9roI-XQ5iEvarbKkfhivMfBOtXDnpvROImLh2LsKouhxoccPwo5unxIU6S3plZ-QSXubHMgqgxbKlpV-EQDU6dpvlNhF

X-Prontoforms-Applicationversion

Other

master-SNAPSHOT

X-Prontoforms-Requestid

Other

jKwbLAcMeal8g25001EwhKkPDPG3HFUpUA2V31eXUlGXCBk4SbA7kw==

date: Tue, 12 May 2026 19:56:28 GMT
via: 1.1 a1ec4a9de0c6900e92b419e90a84dd82.cloudfront.net (CloudFront)
x-amz-cf-id: jKwbLAcMeal8g25001EwhKkPDPG3HFUpUA2V31eXUlGXCBk4SbA7kw==
x-amz-cf-pop: IAD61-P11
x-cache: Miss from cloudfront
x-csrf-token: lKZr9roI-XQ5iEvarbKkfhivMfBOtXDnpvROImLh2LsKouhxoccPwo5unxIU6S3plZ-QSXubHMgqgxbKlpV-EQDU6dpvlNhF
x-prontoforms-applicationversion: master-SNAPSHOT
x-prontoforms-requestid: jKwbLAcMeal8g25001EwhKkPDPG3HFUpUA2V31eXUlGXCBk4SbA7kw==

Recommendations

Enable compression (gzip/brotli) to improve performance