HTTP Headers Analysis for https://help.dotpost.com

Detected Technologies from Headers

See all in URL Inspect 2

AWS CloudFront

Heroku

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=2592000

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

strict-origin-when-cross-origin

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

connection: close

Caching Headers

Cache-Control

Caching

max-age=0, private, must-revalidate

Etag

Caching

W/"db133a9e90262ecb2a2a4edebad1af7b"

cache-control: max-age=0, private, must-revalidate
etag: W/"db133a9e90262ecb2a2a4edebad1af7b"

Content Headers

Content-Length

Content

57192

Content-Type

Content

text/html; charset=utf-8

content-length: 57192
content-type: text/html; charset=utf-8

Server Headers

Server

Heroku

X-Runtime

Server

0.105033

server: Heroku
x-runtime: 0.105033

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: _helpjuice_session_v2=mmEG9ctCWqFnPlIrRDwl%2FhV0D2epheiqZOoaJMfwTxiOUjgRjl9b4AE%2FlGrc93HXnzMdq1x41MN%2FZbkmkao1%2F%2Bt9FrTdbl%2FvPv20ucuiFVYNbPcKK%2BjQptwVc%2Fq%2FtYPRANCn8rMPoRLYIC6nWEP%2FxpX3UIqfEdCVcvwySJa8qpmp7mDf97QF37tjUc1i9E9WL21EfCIuWzfqcR%2BAxEQmQ4xYUctV%2BOD3HrSmcu63ZqvqUi2Aj6bvLGnI90HBJ3sW%2BuwIX49VeyH3Lhv03w7QCgOp1QVJ6LGv7sH%2BRjY6Rb5Wr%2FxhXvXNV6mGxgD3mEctghCe--wuctMAak27BPx4HL--VsAVut0Cswzn1TxuRFzG4g%3D%3D; domain=help.dotpost.com; path=/; expires=Fri, 05 Jun 2026 17:08:56 GMT; secure; httponly

Other Headers

Date

Other

Wed, 06 May 2026 17:08:56 GMT

Nel

Other

Report-To Group heroku-nel max-age: 1h

success: 1.0% failure: 10.0%

Report-To

Other

Group heroku-nel max-age: 1h

Endpoint 1 https://nel.heroku.com/reports?s=GoU33xAOwW8AJ5sxOF6R%2Fbn2hcu7w9rs9OeqR6zZw2A%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1778087336

Reporting-Endpoints

Other

heroku-nel="https://nel.heroku.com/reports?s=GoU33xAOwW8AJ5sxOF6R%2Fbn2hcu7w9rs9OeqR6zZw2A%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1778087336"

Via

Other

1.1 heroku-router, 1.1 4d455abe9c408ddc198b94f7ff4a91ea.cloudfront.net (CloudFront)

X-Amz-Cf-Id

Other

LQgSgVrz5qd54RJr69__uhuS_GPaenun1TBj74d-zvbwSVt2uQDijA==

X-Amz-Cf-Pop

Other

IAD89-P3

X-Cache

Other

Miss from cloudfront

X-Download-Options

Other

noopen

X-Permitted-Cross-Domain-Policies

Other

none

X-Request-Id

Other

d6b6537c-4b30-0a40-ed19-87c86c55888d

date: Wed, 06 May 2026 17:08:56 GMT
nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
report-to: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=GoU33xAOwW8AJ5sxOF6R%2Fbn2hcu7w9rs9OeqR6zZw2A%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1778087336"}],"max_age":3600}
reporting-endpoints: heroku-nel="https://nel.heroku.com/reports?s=GoU33xAOwW8AJ5sxOF6R%2Fbn2hcu7w9rs9OeqR6zZw2A%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1778087336"
via: 1.1 heroku-router, 1.1 4d455abe9c408ddc198b94f7ff4a91ea.cloudfront.net (CloudFront)
x-amz-cf-id: LQgSgVrz5qd54RJr69__uhuS_GPaenun1TBj74d-zvbwSVt2uQDijA==
x-amz-cf-pop: IAD89-P3
x-cache: Miss from cloudfront
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: d6b6537c-4b30-0a40-ed19-87c86c55888d

Recommendations

Enable compression (gzip/brotli) to improve performance