HTTP Headers Analysis for https://help.wyng.com

Detected Technologies from Headers

See all in URL Inspect 5

AWS CloudFront

Amazon S3

Google Fonts

Salesforce Cloud

Salesforce Sites

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=63072000; includeSubDomains

Content-Security-Policy

Weak

upgrade-insecure-requests,; report-uri Analyze

Content-Security-Policy-Report-Only

Weak

font-src; report-to; report-uri Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Significantly strengthen CSP directives
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Vary

Performance

Accept-Encoding, Origin

vary: Accept-Encoding, Origin

Caching Headers

Cache-Control

Caching

no-cache,must-revalidate,max-age=0,no-store,private

Expires

Caching

Fri, 02 May 2025 06:42:59 GMT

Last-Modified

Caching

Fri, 02 May 2025 06:42:59 GMT

cache-control: no-cache,must-revalidate,max-age=0,no-store,private
expires: Fri, 02 May 2025 06:42:59 GMT
last-modified: Fri, 02 May 2025 06:42:59 GMT

Content Headers

Content-Type

Content

text/html;charset=UTF-8

content-type: text/html;charset=UTF-8

Server Headers

Server

sfdcedge

server: sfdcedge

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: CookieConsentPolicy=0:1; path=/; expires=Sun, 02-May-2027 06:42:59 GMT; Max-Age=31536000; secure
LSKey-c$CookieConsentPolicy=0:1; path=/; expires=Sun, 02-May-2027 06:42:59 GMT; Max-Age=31536000; secure
renderCtx=%7B%22pageId%22%3A%22757134e9-04eb-4d88-ab14-4932a7ee5b19%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%22ff8f18f0-2105-4d2b-868d-cf1472647a40%22%2C%22audienceIds%22%3A%22%22%7D; path=/s; secure

Other Headers

Date

Other

Sat, 02 May 2026 06:42:59 GMT

Link

Other

URL /s/sfsites/auraFW/javascript/ZkJhOVpLN2NZQkJrd2NWd3pMcnFOdzJEa1N5enhOU3R5QWl2VzNveFZTbGcxMy4tMjE0NzQ4MzY0OC4xMzEwNzIwMA/aura_prod.js

rel=preload as=script nopush

URL /s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22ZkJhOVpLN2NZQkJrd2NWd3pMcnFOdzJEa1N5enhOU3R5QWl2VzNveFZTbGcxMy4tMjE0NzQ4MzY0OC4xMzEwNzIwMA%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%221544_-QE8H35gPOQmfpGx0OKiMg%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDAwMDBlbl9VUw%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22551347034%22%7D/resources.js?pu=1&pv=17773547130001881618295&rv=1761598697000

rel=preload as=script nopush

URL /s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-13.-2147483648.13107200-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%221544_-QE8H35gPOQmfpGx0OKiMg%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A2%2C%22lrmc%22%3A%22551347034%22%7D/app.js?3=

rel=preload as=script nopush

Report-To

Other

Group sfdc-csp-ep max-age: 52w

Endpoint 1 https://wyngtwo.lightning.force.com/_/ContentDomainCSPNoAuth?tenantId=00D6g000001XSwA&networkId=0DM6g000000hAT2&type=communities

Reporting-Endpoints

Other

sfdc-csp-ep="https://wyngtwo.lightning.force.com/_/ContentDomainCSPNoAuth?tenantId=00D6g000001XSwA&networkId=0DM6g000000hAT2&type=communities"

Server-Timing

Other

Headers;dur=107

Timing-Allow-Origin

Other

*

X-Request-Id

Other

87fb05e9572d4b5e817a17462ee5c13a

X-Sfdc-Edge-Cache

Other

none

X-Sfdc-Request-Id

Other

87fb05e9572d4b5e817a17462ee5c13a

date: Sat, 02 May 2026 06:42:59 GMT
link: </s/sfsites/auraFW/javascript/ZkJhOVpLN2NZQkJrd2NWd3pMcnFOdzJEa1N5enhOU3R5QWl2VzNveFZTbGcxMy4tMjE0NzQ4MzY0OC4xMzEwNzIwMA/aura_prod.js>;rel=preload;as=script;nopush,</s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22ZkJhOVpLN2NZQkJrd2NWd3pMcnFOdzJEa1N5enhOU3R5QWl2VzNveFZTbGcxMy4tMjE0NzQ4MzY0OC4xMzEwNzIwMA%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%221544_-QE8H35gPOQmfpGx0OKiMg%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDAwMDBlbl9VUw%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22551347034%22%7D/resources.js?pu=1&pv=17773547130001881618295&rv=1761598697000>;rel=preload;as=script;nopush,</s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-13.-2147483648.13107200-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%221544_-QE8H35gPOQmfpGx0OKiMg%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A2%2C%22lrmc%22%3A%22551347034%22%7D/app.js?3=>;rel=preload;as=script;nopush
report-to: {"endpoints":[{"url":"https://wyngtwo.lightning.force.com/_/ContentDomainCSPNoAuth?tenantId=00D6g000001XSwA&networkId=0DM6g000000hAT2&type=communities"}],"max_age":31536000,"group":"sfdc-csp-ep"}
reporting-endpoints: sfdc-csp-ep="https://wyngtwo.lightning.force.com/_/ContentDomainCSPNoAuth?tenantId=00D6g000001XSwA&networkId=0DM6g000000hAT2&type=communities"
server-timing: Headers;dur=107
timing-allow-origin: *
x-request-id: 87fb05e9572d4b5e817a17462ee5c13a
x-sfdc-edge-cache: none
x-sfdc-request-id: 87fb05e9572d4b5e817a17462ee5c13a

Recommendations

Enable compression (gzip/brotli) to improve performance

SSL Verification Bypassed

Detected Technologies from Headers

HTTP Security Headers

Performance Headers

Caching Headers

Content Headers

Server Headers

CORS Headers

Cookies Headers

Other Headers

Recommendations