HTTP Headers Analysis for https://app.salesscreen.com

Detected Technologies from Headers

See all in URL Inspect 26

AWS CloudFront

AWS

Azure Blob Storage

AzureFrontDoor

Beamer

Cloudinary

GIPHY

Google Analytics

Google DoubleClick

Google reCAPTCHA

Google Search

Google Static File Front End

Google Tag Manager

Hotjar

Intercom

jsDelivr

Mixpanel

Plausible Analytics

Salesforce Sites

Sanity

Segment

Sentry

Unsplash

Vimeo

YouTube

Google Cloud

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=31536000; includeSubDomains

Content-Security-Policy

Good

upgrade-insecure-requests; block-all-mixed-content; default-src; +11 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

strict-origin-when-cross-origin

Permissions-Policy

Missing

Not configured

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Strengthen CSP by removing 'unsafe-eval'
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Consider adding Permissions-Policy to control browser features

Performance Headers

Accept-Ranges

Performance

bytes

Connection

Performance

close

accept-ranges: bytes
connection: close

Caching Headers

Cache-Control

Caching

no-cache, no-store

Expires

Caching

Thu, 01 Jan 1970 00:00:00 GMT

Pragma

Caching

no-cache

cache-control: no-cache, no-store
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache

Content Headers

Content-Length

Content

1496

Content-Type

Content

text/html;charset=UTF-8

content-length: 1496
content-type: text/html;charset=UTF-8

Server Headers

No server headers found

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: .AspNetCore.OpenIdConnect.Nonce.CfDJ8J2YOu56JShKj3QHm_U0YBHriyOTYZ22uHQafyhl0cy6TT_oHs7hJtKqGx7tk1D7NJu7fXiQSC1q4blYS5O8GagDZqN09Ze_5ytWxeDbmY7hbBceFzXUV4Zpy4d19iNqWjKj9YMk3bUK4_EMTol70pH1x17viqZmxNc7N5sz5N-OwHefSHhhVj1jJhz0itKBoFESbFUFTrvpH7VL7TTQZIHrtok6wo8Zb2RvxdY6nkVHdzxKdzLd6uF3Ma9NdR1LUZL_iMgYl-yCVndXmwltXmM=N; expires=Thu, 07 May 2026 17:03:23 GMT; path=/signin-oidc; secure; samesite=none; httponly
.AspNetCore.Correlation.YzPSxxhCweGyoV3C2mxitSiNFCze4K0fnWoKuqPJOss=N; expires=Thu, 07 May 2026 17:03:23 GMT; path=/signin-oidc; secure; samesite=none; httponly

Other Headers

Date

Other

Thu, 07 May 2026 16:48:23 GMT

Request-Context

Other

appId=cid-v1:c1c1cc63-a79d-4e64-b689-79869b6db8e2

X-Azure-Ref

Other

20260507T164823Z-1786d5f9b4brgfd9hC1BNAybts0000000bzg000000000fmu

X-Cache

Other

CONFIG_NOCACHE

date: Thu, 07 May 2026 16:48:23 GMT
request-context: appId=cid-v1:c1c1cc63-a79d-4e64-b689-79869b6db8e2
x-azure-ref: 20260507T164823Z-1786d5f9b4brgfd9hC1BNAybts0000000bzg000000000fmu
x-cache: CONFIG_NOCACHE

Recommendations

Enable compression (gzip/brotli) to improve performance