Open
Cached
·
just now
19
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Good
max-age=31536000; includeSubDomains
X-Frame-Options
Good
sameorigin
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
camera=(), microphone=(self)
Recommendations
- • Consider adding 'preload' to HSTS for maximum security
- • Add Content-Security-Policy header to prevent XSS attacks
Performance Headers
Connection
close
Transfer-Encoding
chunked
Vary
Accept-Encoding
connection: close transfer-encoding: chunked vary: Accept-Encoding
Caching Headers
No caching headers found
Content Headers
Content-Language
en-US
Content-Type
text/html;charset=UTF-8
content-language: en-US content-type: text/html;charset=UTF-8
Server Headers
Server
Zuora App
server: Zuora App
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Date
Thu, 09 Apr 2026 08:57:03 GMT
X-Ratelimit-Limit-Minute
100
X-Ratelimit-Remaining-Minute
99
X-Ui-Router-Proxy-Latency
0
X-Ui-Router-Upstream-Latency
4
Zuora-Request-Id
93e36788-f233-4fff-a59b-48d119089701
date: Thu, 09 Apr 2026 08:57:03 GMT x-ratelimit-limit-minute: 100 x-ratelimit-remaining-minute: 99 x-ui-router-proxy-latency: 0 x-ui-router-upstream-latency: 4 zuora-request-id: 93e36788-f233-4fff-a59b-48d119089701
Recommendations
Enable compression (gzip/brotli) to improve performance
Add Cache-Control header to optimize caching