HTTP Headers Analysis for https://app.sendoso.com

Detected Technologies from Headers

See all in URL Inspect 22

AWS CloudFront

AWS

Bugsnag

Datadog

Forethought

Fullstory

Google API JS Client

Google DoubleClick

Google Search

Google Static File Front End

HubSpot

LaunchDarkly

Microsoft 365

New Relic

Qualtrics

SalesLoft

Stripe

Unlayer

Vimeo

Webflow

Zendesk

Google Cloud

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=631138519

Content-Security-Policy

Basic

default-src; frame-ancestors; frame-src; +2 more Analyze

Content-Security-Policy-Report-Only

Basic

default-src; connect-src; frame-ancestors; +4 more Analyze

X-Frame-Options

Good

sameorigin

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

connection: close

Caching Headers

Cache-Control

Caching

no-cache

cache-control: no-cache

Content Headers

Content-Length

Content

433

content-length: 433

Server Headers

X-Runtime

Server

0.011372

x-runtime: 0.011372

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: _my_app=496ec6af87a12cf138f12bbbc1a3053a; path=/; expires=Mon, 13 Apr 2026 06:05:21 GMT; secure; HttpOnly; SameSite=None

Other Headers

Date

Other

Mon, 13 Apr 2026 04:35:21 GMT

Location

Other

https://sendosoprod.auth0.com/authorize?audience=https%3A%2F%2Fapi.sendoso.com%2F&client_id=t6mQ-ipIdHdQKpvL-CaLSJyYf7gqXVTi&leeway=60&nonce=3bb2a989308abb3716bdb5cc13087610&redirect_uri=https%3A%2F%2Fapp.sendoso.com%2Fauth0%2Fcallback&response_type=code&scope=email+offline_access+openid+profile&state=eyJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE3NzYwNTQ5MjEsImV4cCI6MTc3NjE0MTMyMX0.Z4H94SIlLEGRXbJJDBxS_nt_TuJh6wBN94GwWIsxKC0

Via

Other

1.1 3500e6db5ae43764ed5ca43fc6d56058.cloudfront.net (CloudFront)

X-Amz-Cf-Id

Other

bh8rGky29RpII2Ik0gL6fBltkNKxt9JOgc4j_xtDjcVR4MHTMrbm5A==

X-Amz-Cf-Pop

Other

IAD89-P1

X-Cache

Other

Miss from cloudfront

X-Download-Options

Other

noopen

X-Permitted-Cross-Domain-Policies

Other

none

X-Request-Id

Other

1728032a1e8515a96edaea167c7f8170

X-Robots-Tag

Other

none

date: Mon, 13 Apr 2026 04:35:21 GMT
location: https://sendosoprod.auth0.com/authorize?audience=https%3A%2F%2Fapi.sendoso.com%2F&client_id=t6mQ-ipIdHdQKpvL-CaLSJyYf7gqXVTi&leeway=60&nonce=3bb2a989308abb3716bdb5cc13087610&redirect_uri=https%3A%2F%2Fapp.sendoso.com%2Fauth0%2Fcallback&response_type=code&scope=email+offline_access+openid+profile&state=eyJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE3NzYwNTQ5MjEsImV4cCI6MTc3NjE0MTMyMX0.Z4H94SIlLEGRXbJJDBxS_nt_TuJh6wBN94GwWIsxKC0
via: 1.1 3500e6db5ae43764ed5ca43fc6d56058.cloudfront.net (CloudFront)
x-amz-cf-id: bh8rGky29RpII2Ik0gL6fBltkNKxt9JOgc4j_xtDjcVR4MHTMrbm5A==
x-amz-cf-pop: IAD89-P1
x-cache: Miss from cloudfront
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 1728032a1e8515a96edaea167c7f8170
x-robots-tag: none

Recommendations

Enable compression (gzip/brotli) to improve performance