HTTP Headers Analysis for https://use-staging.typekit.net

Open Cached · just now

33 Headers

Detected Technologies from Headers

See all in URL Inspect 3

Adobe Experience Manager

AWS CloudFront

Nginx

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=31536000; includeSubDomains

Content-Security-Policy

Weak

Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

strict-origin-when-cross-origin

Permissions-Policy

Missing

Not configured

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Significantly strengthen CSP directives
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

Transfer-Encoding

Performance

chunked

Vary

Performance

Accept-Encoding

connection: close
transfer-encoding: chunked
vary: Accept-Encoding

Caching Headers

Age

Caching

313

Cache-Control

Caching

max-age=300, public, s-maxage=300, stale-while-revalidate=30, stale-if-error=86400

Etag

Caching

W/"5353e346f5dc94ba5a24241608c430f2"

age: 313
cache-control: max-age=300, public, s-maxage=300, stale-while-revalidate=30, stale-if-error=86400
etag: W/"5353e346f5dc94ba5a24241608c430f2"

Content Headers

Content-Type

Content

text/html; charset=utf-8

content-type: text/html; charset=utf-8

Server Headers

Server

nginx

X-Runtime

Server

0.353965

server: nginx
x-runtime: 0.353965

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

set-cookie: rails_session_hash=3c2af8f0550c43dda2165bb7570fad2b; path=/; SameSite=Lax; secure
pid=d097a97f5ebc877d0fe366be69965afe; path=/; expires=Fri, 20 Mar 2026 20:04:17 GMT; SameSite=Lax; secure
server_side_user_prefs=99914b932bd37a50b983c5e7c90ae93b; path=/; SameSite=Lax; secure
tk_session_vpcproduction=vUvWtLVGw3b8jh%2F69fDPgwa3gLvc7UpVCB2kQ%2F2lWbRsx5EXjOMtoTiLYeRbW767DbOSdc4zKJZ6VvxG6F2%2B9gvH9cfFuP2e5%2BTKXs1WUllQOEDyzEKXbog%2FkJfj6HG%2B2M0e47o72Sw7dRlJ%2FqRIYG7ynN0l6w%2BHpLMoxuicgd8KconhNgq1osH20hRUpXJjoS5graF9bNoebECLi3CoqMEAp39FNt5En46CngUG%2F%2BmRU92UuqMPl1JNe4R4XGyT47pybmk8MR7Bobj3RN9NegUw3opDPg1VhjNLdua9CcADgm7hhICu4qhuLYov7C2%2F%2B%2FuD%2BCyCiqWrbwwnJ8LU6UqTnydXQEh8378%3D--j%2FyYbcagOKBQQwfW--H1P2CEcDSgV2l7IEtq8zvQ%3D%3D; domain=fonts.adobe.com; path=/; expires=Fri, 06 Mar 2026 20:04:17 GMT; HttpOnly; SameSite=Lax; secure

Other Headers

Date

Other

Fri, 20 Feb 2026 20:04:17 GMT

Edge-Control

Other

cache-maxage=300, !no-store, !no-cache

Feature-Policy

Other

camera 'none'; geolocation 'none'; microphone 'none'; usb 'none'; payment 'none'

Link

Other

URL https://afwebcdn.fonts.adobe.com/assets/ng-cloak-e19b998bf60bb92b71592dd5c5dbf0c25ae38c778f8f7514a19ded1365497adc.css

rel=preload as=style nopush

URL https://afwebcdn.fonts.adobe.com/packs/assets/spectrum-css-CqZmvuLQ.js

rel=modulepreload as=script crossorigin=anonymous nopush

URL https://afwebcdn.fonts.adobe.com/packs/assets/spectrum-css-Du9AHbwq.css

rel=preload as=style nopush

URL https://afwebcdn.fonts.adobe.com/packs/assets/home-bFWLozHS.js

rel=modulepreload as=script crossorigin=anonymous nopush

Status

Other

200 OK

Surrogate-Control

Other

max-age=300

Via

Other

1.1 c9f0decc0c63834ae3be48cbc4198f60.cloudfront.net (CloudFront)

X-Amz-Cf-Id

Other

T-qVoLYv4v-fa4joVLoI_PEINGbI2IiyiOkDYKVPUF7h9M3df-KTrg==

X-Amz-Cf-Pop

Other

IAD61-P9

X-Cache

Other

Hit from cloudfront

X-Download-Options

Other

noopen

X-Enable-Cache

Other

X-Permitted-Cross-Domain-Policies

Other

none

X-Ratelimit-Limit

Other

200

X-Ratelimit-Remaining

Other

199

X-Request-Id

Other

35896e2e32380ff3962a02f33e4792ea

date: Fri, 20 Feb 2026 20:04:17 GMT
edge-control: cache-maxage=300, !no-store, !no-cache
feature-policy: camera 'none'; geolocation 'none'; microphone 'none'; usb 'none'; payment 'none'
link: <https://afwebcdn.fonts.adobe.com/assets/ng-cloak-e19b998bf60bb92b71592dd5c5dbf0c25ae38c778f8f7514a19ded1365497adc.css>; rel=preload; as=style; nopush,<https://afwebcdn.fonts.adobe.com/packs/assets/spectrum-css-CqZmvuLQ.js>; rel=modulepreload; as=script; crossorigin=anonymous; nopush,<https://afwebcdn.fonts.adobe.com/packs/assets/spectrum-css-Du9AHbwq.css>; rel=preload; as=style; nopush,<https://afwebcdn.fonts.adobe.com/packs/assets/home-bFWLozHS.js>; rel=modulepreload; as=script; crossorigin=anonymous; nopush,<https://www.adobe.com/etc.clientlibs/globalnav/clientlibs/base/privacy-standalone.js>; rel=preload; as=script; nopush
status: 200 OK
surrogate-control: max-age=300
via: 1.1 c9f0decc0c63834ae3be48cbc4198f60.cloudfront.net (CloudFront)
x-amz-cf-id: T-qVoLYv4v-fa4joVLoI_PEINGbI2IiyiOkDYKVPUF7h9M3df-KTrg==
x-amz-cf-pop: IAD61-P9
x-cache: Hit from cloudfront
x-download-options: noopen
x-enable-cache: 1
x-permitted-cross-domain-policies: none
x-ratelimit-limit: 200
x-ratelimit-remaining: 199
x-request-id: 35896e2e32380ff3962a02f33e4792ea

Recommendations

Enable compression (gzip/brotli) to improve performance