DNS Gurus
Cached · just now
20 Headers

HTTP Security Headers

Status
Strict-Transport-Security
Good
max-age=63072000; includeSubDomains
Content-Security-Policy
Weak
frame-ancestors; report-uri
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Consider adding 'preload' to HSTS for maximum security
  • Significantly strengthen CSP directives
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

Performance Headers

3 headers
Connection
Performance
Transfer-Encoding
Transfer-Encoding
Performance
chunked
Vary
Performance
origin

Caching Headers

3 headers
Cache-Control
Caching
no-cache,must-revalidate,max-age=0,no-store,private
Expires
Caching
Sun, 12 Jan 2025 10:44:59 GMT
Last-Modified
Caching
Sun, 12 Jan 2025 10:44:59 GMT

Content Headers

1 headers
Content-Type
Content
text/html;charset=UTF-8

Server Headers

0 headers
No server headers found

CORS Headers

0 headers
No CORS headers found

Cookies Headers

1 headers
Set-Cookie
Cookies
renderCtx=%7B%22pageId%22%3A%2260e268fe-6167-45b2-9fde-552a083321d2%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%2218a829cb-d363-4c44-8c79-3cb384f7d475%22%2C%22audienceIds%22%3A%22%22%7D; path=/s; secure

Other Headers

9 headers
Akamai-Grn
Other
0.c69b3e17.1768214699.fc8c6ba6
Content-Security-Policy-Report-Only
Other
img-src *.force.com https://*.algolianet.com https://app.briteverify.com slack-imgs-mil-dev.com https://www.linkedin.com 'self' https://app.gong.io https://img.youtube.com https://litmus-staging.com https://payments.salesforce.com/icons/ https://usa546.sfdc-lywfpd.salesforce.com/icons/ https://www.validity.com https://*.bv-sandbox.validity.com https://cdn.cookielaw.org https://login.salesforce.com/icons/ https://*.springcm.com https://theme.zdassets.com https://demandtoolstoday.crmfusion.com https://www.gstatic.com https://*.highspot.com *.slack-edge-gov.com https://validity.com *.my-salesforce.com https://litmus.com https://www.youtube-nocookie.com https://*.typekit.net https://*.algolia.net *.cloudinary.com https://*.wistia.net *.amazonaws.com blob: https://*.vf.force.com slack-imgs.com slack-gov-dev.com *.sfdcstatic.com https://*.fontawesome.com https://app.workramp.com *.twimg.com https://validity.my.salesforce.com https://browser.sentry-cdn.com https://*.docusign.net https://api.mixpanel.com *.slack.com https://www.paypal.com https://community.validity.com *.slack-imgs.com slack-imgs-gov.com https://i.ytimg.com https://cdn.content.aws-dev2-uswest2.aws.sfdc.cl/icons/ *.salesforce-experience.com https://certification.validity.com https://*.clm.docusign.mil https://*.wistia.com https://*.workramp.io slack-imgs-gov-dev.com https://*.workramp.com *.slack-edge.com https://cdn.content.aws-prod1-useast1.aws.sfdc.cl/icons/ https://*.docusign.com https://communitystg.wpengine.com https://*.algolia.com slack-mil-dev.com https://www.gstatic.com/recaptcha/ https://geolocation.onetrust.com https://www.google.com/recaptcha/ *.slack-edge.mil https://www.sandbox.paypal.com https://*.clmfed.docusign.com https://i.vimeocdn.com https://validity.file.force.com https://www.googletagmanager.com https://mycommunity.validity.com https://www.google-analytics.com *.salesforce.com https://*.adyen.com slack-imgs.mil data:; report-to sfdc-csp-ep; report-uri https://validity.lightning.force.com/_/ContentDomainCSPNoAuth?tenantId=00D300000000RBY&networkId=0DMTO00000006wg&type=communities
Date
Other
Mon, 12 Jan 2026 10:44:59 GMT
Link
Other
</s/sfsites/auraFW/javascript/REdtNUF5ejJUNWxpdVllUjQtUzV4UTFLcUUxeUY3ZVB6dE9hR0VheDVpb2cxMy4zMzU1NDQzMi41MDMzMTY0OA/aura_prod.js>;rel=preload;as=script;nopush,</s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22REdtNUF5ejJUNWxpdVllUjQtUzV4UTFLcUUxeUY3ZVB6dE9hR0VheDVpb2cxMy4zMzU1NDQzMi41MDMzMTY0OA%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%221421_mg1QpGWKsu060_sD-hU2fg%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDExMTdlbl9VUw%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%7D/resources.js?pu=1&pv=17679941780001635306669&rv=1767711411000>;rel=preload;as=script;nopush,</s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-13.33554432.50331648-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%221421_mg1QpGWKsu060_sD-hU2fg%22%7D%2C%22dns%22%3A%22c%22%7D/app.js?3=>;rel=preload;as=script;nopush
Report-To
Other
{"endpoints":[{"url":"https://validity.lightning.force.com/_/ContentDomainCSPNoAuth?tenantId=00D300000000RBY&networkId=0DMTO00000006wg&type=communities"}],"max_age":31536000,"group":"sfdc-csp-ep"}
Reporting-Endpoints
Other
sfdc-csp-ep="https://validity.lightning.force.com/_/ContentDomainCSPNoAuth?tenantId=00D300000000RBY&networkId=0DMTO00000006wg&type=communities"
Server-Timing
Other
Headers;dur=64
Timing-Allow-Origin
Other
*
X-Origin-Cache-Control
Other
no-cache,must-revalidate,max-age=0,no-store,private

Recommendations

Enable compression (gzip/brotli) to improve performance