HTTP Headers Analysis for https://reformation.com

Detected Technologies from Headers

See all in URL Inspect 1

Cloudflare CDN

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=31536000; includeSubDomains

Content-Security-Policy

Weak

frame-ancestors Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Significantly strengthen CSP directives
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

Vary

Performance

accept-encoding

connection: close
transfer-encoding: chunked
vary: accept-encoding

Caching Headers

Cache-Control

Caching

no-cache, no-store, must-revalidate

Expires

Caching

Thu, 01 Dec 1994 16:00:00 GMT

Pragma

Caching

no-cache

cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Dec 1994 16:00:00 GMT
pragma: no-cache

Content Headers

Content-Type

Content

text/html;charset=UTF-8

content-type: text/html;charset=UTF-8

Server Headers

Server

cloudflare

server: cloudflare

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: dwac_0644a165d42080eb78142cac75=ALQExR1kBXpI4YoGHuFgJbaI_CwTuXoqqf4%3D|dw-only|||USD|false|US%2FPacific|true; Path=/; Secure; SameSite=None
cqcid=abwgR1AS3fsvrt6CYnfxC2mfgx; Path=/; Secure; SameSite=None
cquid=||; Path=/; Secure; SameSite=None
sid=ALQExR1kBXpI4YoGHuFgJbaI_CwTuXoqqf4; Path=/; Secure; SameSite=None
newCustomer=new; Expires=Sat, 01 Aug 2026 00:19:22 GMT; Path=/; Secure; SameSite=None
GlobalE_Data=%7B%22countryISO%22%3A%22US%22%2C%22cultureCode%22%3A%22en-US%22%2C%22currencyCode%22%3A%22USD%22%2C%22apiVersion%22%3A%222.1.4%22%7D; Domain=www.thereformation.com; Expires=Fri, 10 Apr 2026 00:19:22 GMT; Path=/; Secure; SameSite=None
dwanonymous_914668167e2805280fee994f0c25aa1b=abwgR1AS3fsvrt6CYnfxC2mfgx; Version=1; Comment="Demandware anonymous cookie for site Sites-reformation-us-Site"; Max-Age=15552000; Expires=Wed, 30 Sep 2026 00:19:22 GMT; Path=/; Secure; SameSite=None
__cq_dnt=0; Path=/; Secure; SameSite=None
dw_dnt=0; Path=/; Secure; SameSite=None
dwsid=6yFHr6Rok2tycAy7tLgMc10dv0aqtew7k2-d5FAeudx7JEJWajZO5siKqKN8XRC99O5QmibNyB9iDsp8NNK4zA==; path=/; HttpOnly; Secure; SameSite=None
_cfuvid=u4TV2w822uDlx4h1TY0ink4V_XRCwNKjZYBQDFXj7yk-1775175563014-0.0.1.1-604800000; path=/; domain=.www.thereformation.com; HttpOnly; Secure; SameSite=None

Other Headers

Cf-Cache-Status

Other

DYNAMIC

Cf-Ray

Other

9e63e6c3a95b2fd6-IAD

Date

Other

Fri, 03 Apr 2026 00:19:23 GMT

X-Dw-Request-Base-Id

Other

6Ek8IzbFzmkBAAB_

cf-cache-status: DYNAMIC
cf-ray: 9e63e6c3a95b2fd6-IAD
date: Fri, 03 Apr 2026 00:19:23 GMT
x-dw-request-base-id: 6Ek8IzbFzmkBAAB_

Recommendations

Enable compression (gzip/brotli) to improve performance