Open
Cached
·
just now
16
Headers
Detected Technologies from Headers
HTTP Security Headers
Status
Strict-Transport-Security
Good
max-age=63072000; includeSubDomains
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Consider adding 'preload' to HSTS for maximum security
- • Significantly strengthen CSP directives
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Connection
close
connection: close
Caching Headers
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
cache-control: no-cache,must-revalidate,max-age=0,no-store,private
Content Headers
Content-Length
491
Content-Type
text/html;charset=UTF-8
content-length: 491 content-type: text/html;charset=UTF-8
Server Headers
Server
sfdcedge
server: sfdcedge
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Akamai-Grn
0.04a4c017.1775128982.f6cd68c9
Date
Thu, 02 Apr 2026 11:23:03 GMT
P3p
CP="CUR OTR STA"
X-Origin-Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
X-Request-Id
626a4e03d68908363295c18d030ada67
X-Sfdc-Edge-Cache
MISS
X-Sfdc-Request-Id
626a4e03d68908363295c18d030ada67
akamai-grn: 0.04a4c017.1775128982.f6cd68c9 date: Thu, 02 Apr 2026 11:23:03 GMT p3p: CP="CUR OTR STA" x-origin-cache-control: no-cache,must-revalidate,max-age=0,no-store,private x-request-id: 626a4e03d68908363295c18d030ada67 x-sfdc-edge-cache: MISS x-sfdc-request-id: 626a4e03d68908363295c18d030ada67
Recommendations
Enable compression (gzip/brotli) to improve performance