HTTP Headers Analysis for https://sdk.us.heap-api.com

Detected Technologies from Headers

See all in URL Inspect 14

Adobe Marketo

Chili Piper

ClearBit

Contentful

Drift

Google Analytics

Google DoubleClick

Google Fonts

Google Optimize

Google Tag Manager

Heap

Netlify

OneTrust

Wistia

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=31536000; includeSubDomains

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Basic

default-src; script-src; style-src; +11 more Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

strict-origin-when-cross-origin

Permissions-Policy

Missing

Not configured

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Add Content-Security-Policy header to prevent XSS attacks
• Consider adding Permissions-Policy to control browser features

Performance Headers

Accept-Ranges

Performance

bytes

Connection

Performance

close

accept-ranges: bytes
connection: close

Caching Headers

Age

Caching

58549

Cache-Control

Caching

public,max-age=0,must-revalidate

Etag

Caching

"92805ddd3c02058a70054a4ea39de736-ssl"

age: 58549
cache-control: public,max-age=0,must-revalidate
etag: "92805ddd3c02058a70054a4ea39de736-ssl"

Content Headers

Content-Length

Content

296273

Content-Type

Content

text/html; charset=UTF-8

content-length: 296273
content-type: text/html; charset=UTF-8

Server Headers

Server

Netlify

server: Netlify

CORS Headers

Access-Control-Allow-Origin

Cors

*

access-control-allow-origin: *

Cookies Headers

No cookies headers found

Other Headers

Cache-Status

Other

"Netlify Edge"; hit

Date

Other

Mon, 23 Mar 2026 14:56:56 GMT

Netlify-Vary

Other

cookie=__next_preview_data:presence|__prerender_bypass:presence

Permission-Policy

Other

accelerometer=(), autoplay=(*), camera=(), clipboard-write=(self), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), usb=(), xr-spatial-tracking=()

X-Nf-Request-Id

Other

01KMDK5WHQSTE8AWHYNN25MDA6

cache-status: "Netlify Edge"; hit
date: Mon, 23 Mar 2026 14:56:56 GMT
netlify-vary: cookie=__next_preview_data:presence|__prerender_bypass:presence
permission-policy: accelerometer=(), autoplay=(*), camera=(), clipboard-write=(self), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), usb=(), xr-spatial-tracking=()
x-nf-request-id: 01KMDK5WHQSTE8AWHYNN25MDA6

Recommendations

Enable compression (gzip/brotli) to improve performance