Open
Cached
·
3m ago
23
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Good
max-age=63072000; includeSubDomains
Content-Security-Policy
Weak
frame-ancestors; report-uri
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Consider adding 'preload' to HSTS for maximum security
- • Significantly strengthen CSP directives
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
Performance Headers
3 headers
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
Accept-Encoding, Origin
Caching Headers
3 headers
Cache-Control
Caching
no-cache,must-revalidate,max-age=0,no-store,private
Expires
Caching
Tue, 14 Jan 2025 07:13:07 GMT
Last-Modified
Caching
Tue, 14 Jan 2025 07:13:07 GMT
Content Headers
1 headers
Content-Type
Content
text/html;charset=UTF-8
Server Headers
1 headers
Server
Server
sfdcedge
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
renderCtx=%7B%22pageId%22%3A%223d7a2d3b-88de-4ede-9c95-585ba36863d6%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%22a2894e97-6506-4d09-97a0-35ae874cb9f4%22%2C%22audienceIds%22%3A%22%22%7D; path=/s; secure
Other Headers
10 headers
Content-Security-Policy-Report-Only
Other
frame-src *.force.com https://player.vimeo.com https://exchange2-asset-manager-kprod.s3.amazonaws.com 'self' https://stats.g.doubleclick.net https://cdn.anypoint.mulesoft.com *.youtube.co.uk https://sfdc-link-preview.hk.salesforce.com https://checkoutshopper-test.adyen.com/ https://pal-test.adyen.com https://usa554.sfdc-lywfpd.salesforce.com *.cybersource.com *.youtube.es https://bluebeamdevportal.file.force.com *.adis.ws https://integrations-oas.bluebeam.com *.youtube.ie https://www.youtube.com *.cloudinary.com https://pay.google.com *.vimeo.com *.youtube.jp bcove.video https://cdn.redoc.ly *.youtube.fr https://*.a.forceusercontent.com https://player.cloudinary.com https://sfdc-link-preview-staging.sfdc.sh https://s1.adis.ws *.forceusercontent.com *.youtube.com *.brightcove.net *.youtube.nl https://bbc-partner-exp-api-dev.us-e2.cloudhub.io https://service.force.com/embeddedservice/ https://fast.wistia.net *.quip.com *.arkoselabs.com *.youtube-nocookie.com https://www.paypal.com https://appiniummastertrial.secure.force.com https://play.vidyard.com *.youtube.com.br *.salesforce-experience.com *.salesforceliveagent.com https://scormanywhere.secure.force.com https://checkoutshopper-live.adyen.com/ *.sfdcfc.net https://bbc-partner-exp-api-uat.us-e2.cloudhub.io https://*.force.com *.youtube.ca https://location.force.com *.vidyard.com https://api.bluebeam.com https://www.gstatic.com/recaptcha/ https://players.brightcove.net https://cdn.embedly.com https://www.google.com/recaptcha/ https://js.stripe.com/ https://www.sandbox.paypal.com https://exchange2-asset-manager-kprod-eu.s3.amazonaws.com https://bbc-partner-exp-api.us-e2.cloudhub.io https://*.a.forceusercontent.com/lightningmaps/ https://www.googletagmanager.com *.wistia.net https://www.google-analytics.com *.salesforce.com *.youtube.pl; report-to sfdc-csp-ep; report-uri https://bluebeamdevportal.lightning.force.com/_/ContentDomainCSPNoAuth?tenantId=00D3t000005BAfc&networkId=0DM3t0000000Yjj&type=communities
Date
Other
Wed, 14 Jan 2026 07:13:07 GMT
Link
Other
</s/sfsites/auraFW/javascript/REdtNUF5ejJUNWxpdVllUjQtUzV4UTFLcUUxeUY3ZVB6dE9hR0VheDVpb2cxMy4zMzU1NDQzMi41MDMzMTY0OA/aura_prod.js>;rel=preload;as=script;nopush,</s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22REdtNUF5ejJUNWxpdVllUjQtUzV4UTFLcUUxeUY3ZVB6dE9hR0VheDVpb2cxMy4zMzU1NDQzMi41MDMzMTY0OA%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%221421_mg1QpGWKsu060_sD-hU2fg%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDE2MzFlbl9VUw%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22551347034%22%7D/resources.js?pu=1&pv=1767938231000-377921450&rv=1768027148000>;rel=preload;as=script;nopush,</s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-13.33554432.50331648-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%221421_mg1QpGWKsu060_sD-hU2fg%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22551347034%22%7D/app.js?3=>;rel=preload;as=script;nopush
Report-To
Other
{"endpoints":[{"url":"https://bluebeamdevportal.lightning.force.com/_/ContentDomainCSPNoAuth?tenantId=00D3t000005BAfc&networkId=0DM3t0000000Yjj&type=communities"}],"max_age":31536000,"group":"sfdc-csp-ep"}
Reporting-Endpoints
Other
sfdc-csp-ep="https://bluebeamdevportal.lightning.force.com/_/ContentDomainCSPNoAuth?tenantId=00D3t000005BAfc&networkId=0DM3t0000000Yjj&type=communities"
Server-Timing
Other
Headers;dur=73
Timing-Allow-Origin
Other
*
X-Request-Id
Other
5687f5c977f1f86ebfb6ac7bd884afc4
X-Sfdc-Edge-Cache
Other
MISS
X-Sfdc-Request-Id
Other
5687f5c977f1f86ebfb6ac7bd884afc4
Recommendations
Enable compression (gzip/brotli) to improve performance