Open
Cached
·
just now
21
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31556952; includeSubDomains; preload
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Content-Security-Policy header to prevent XSS attacks
- • Consider adding Permissions-Policy to control browser features
Performance Headers
2 headers
Connection
Performance
close
Vary
Performance
Accept-Encoding
Caching Headers
2 headers
Cache-Control
Caching
max-age=0, private, must-revalidate
Etag
Caching
W/"d552bbc76812c6dbf7f45ca0a7d6ce34"
Content Headers
2 headers
Content-Length
Content
121615
Content-Type
Content
text/html; charset=utf-8
Server Headers
1 headers
X-Runtime
Server
0.201884
CORS Headers
0 headers
No CORS headers found
Cookies Headers
0 headers
No cookies headers found
Other Headers
9 headers
Date
Other
Sun, 01 Feb 2026 05:58:57 GMT
Link
Other
<https://www-cloudfront.zoomshift.com/assets/application-a881f9b85b8fe8ed23fa463fb8cb08e7489e0bbe6339e0d653e6d1938d36f793.css>; rel=preload; as=style; nopush,<https://www-cloudfront.zoomshift.com/assets/application-a881f9b85b8fe8ed23fa463fb8cb08e7489e0bbe6339e0d653e6d1938d36f793.css>; rel=preload; as=style; nopush
Via
Other
1.1 6e96e2926c8953a2e57fa9907208c588.cloudfront.net (CloudFront)
X-Amz-Cf-Id
Other
rU8xOykYnpF9o4cVpdN06VSOaxYK_-ADTVmSbOmCaSlX-tr_gVZdRw==
X-Amz-Cf-Pop
Other
IAD61-P12
X-Cache
Other
Miss from cloudfront
X-Download-Options
Other
noopen
X-Permitted-Cross-Domain-Policies
Other
none
X-Request-Id
Other
015a98dc-d759-4cfa-a28c-f3b0a1fed4aa
Recommendations
Enable compression (gzip/brotli) to improve performance