HTTP Headers Analysis for https://support.docusign.com

Detected Technologies from Headers

See all in URL Inspect 28

AWS API Gateway

PayPal

Adyen

AWS

Amazon S3

Demandbase Active incidents

DocuSign

Oracle Eloqua

Facebook

Fullstory

Google Analytics

Google DoubleClick

Google Pay

Google reCAPTCHA

Google Search

Google Static File Front End

Google Tag Manager

Mixpanel

OneTrust

Qualtrics

Salesforce Cloud

Salesforce Sites

Sierra

Siteimprove

Stripe

The Trade Desk

Yellow.ai

Google Cloud

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=63072000; includeSubDomains

Content-Security-Policy

Weak

upgrade-insecure-requests,; report-uri Analyze

Content-Security-Policy-Report-Only

Basic

script-src; report-to; report-uri Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Significantly strengthen CSP directives
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

Vary

Performance

Accept-Encoding, Origin

connection: close
transfer-encoding: chunked
vary: Accept-Encoding, Origin

Caching Headers

Cache-Control

Caching

no-cache,must-revalidate,max-age=0,no-store,private

Expires

Caching

Thu, 08 May 2025 23:06:49 GMT

Last-Modified

Caching

Thu, 08 May 2025 23:06:49 GMT

cache-control: no-cache,must-revalidate,max-age=0,no-store,private
expires: Thu, 08 May 2025 23:06:49 GMT
last-modified: Thu, 08 May 2025 23:06:49 GMT

Content Headers

Content-Type

Content

text/html;charset=UTF-8

content-type: text/html;charset=UTF-8

Server Headers

Server

sfdcedge

server: sfdcedge

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: CookieConsentPolicy=0:1; path=/; expires=Sat, 08-May-2027 23:06:49 GMT; Max-Age=31536000; secure
LSKey-c$CookieConsentPolicy=0:1; path=/; expires=Sat, 08-May-2027 23:06:49 GMT; Max-Age=31536000; secure
PicassoLanguage6f1e035b-4cd4-472e-b1c8-7d57e0e99336Published=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0
renderCtx=%7B%22pageId%22%3A%22bfd6e0ae-cd7e-4358-90c8-87f8de2344ca%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%2252bff5e6-866e-4e63-8c44-d79144c0db18%22%2C%22audienceIds%22%3A%22%22%7D; path=/s; secure

Other Headers

Date

Other

Fri, 08 May 2026 23:06:49 GMT

Link

Other

URL

/s/sfsites/auraFW/javascript/ZkJhOVpLN2NZQkJrd2NWd3pMcnFOdzJEa1N5enhOU3R5QWl2VzNveFZTbGcxMy4tMjE0NzQ4MzY0OC4xMzEwNzIwMA/aura_prod.js

rel=preload as=script nopush

URL

/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22ZkJhOVpLN2NZQkJrd2NWd3pMcnFOdzJEa1N5enhOU3R5QWl2VzNveFZTbGcxMy4tMjE0NzQ4MzY0OC4xMzEwNzIwMA%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%221544_-QE8H35gPOQmfpGx0OKiMg%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDAxODZlbl9VUw%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22551347034%22%7D/resources.js?pu=1&pv=17781176110001672335788&rv=1777347365000

rel=preload as=script nopush

URL

/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-13.-2147483648.13107200-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%221544_-QE8H35gPOQmfpGx0OKiMg%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22551347034%22%7D/app.js?3=

rel=preload as=script nopush

Report-To

Other

Group sfdc-csp-ep max-age: 52w

Endpoint 1 https://docusign.lightning.force.com/_/ContentDomainCSPNoAuth?tenantId=00D300000000bS4&networkId=0DM40000000GnBB&type=communities

Reporting-Endpoints

Other

sfdc-csp-ep="https://docusign.lightning.force.com/_/ContentDomainCSPNoAuth?tenantId=00D300000000bS4&networkId=0DM40000000GnBB&type=communities"

Server-Timing

Other

Headers;dur=110

Timing-Allow-Origin

Other

*

X-Request-Id

Other

b89360e0c5f0abdf0608d67025b1f5d3

X-Sfdc-Edge-Cache

Other

none

X-Sfdc-Request-Id

Other

b89360e0c5f0abdf0608d67025b1f5d3

date: Fri, 08 May 2026 23:06:49 GMT
link: </s/sfsites/auraFW/javascript/ZkJhOVpLN2NZQkJrd2NWd3pMcnFOdzJEa1N5enhOU3R5QWl2VzNveFZTbGcxMy4tMjE0NzQ4MzY0OC4xMzEwNzIwMA/aura_prod.js>;rel=preload;as=script;nopush,</s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22ZkJhOVpLN2NZQkJrd2NWd3pMcnFOdzJEa1N5enhOU3R5QWl2VzNveFZTbGcxMy4tMjE0NzQ4MzY0OC4xMzEwNzIwMA%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%221544_-QE8H35gPOQmfpGx0OKiMg%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDAxODZlbl9VUw%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22551347034%22%7D/resources.js?pu=1&pv=17781176110001672335788&rv=1777347365000>;rel=preload;as=script;nopush,</s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-13.-2147483648.13107200-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%221544_-QE8H35gPOQmfpGx0OKiMg%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22551347034%22%7D/app.js?3=>;rel=preload;as=script;nopush
report-to: {"max_age":31536000,"endpoints":[{"url":"https://docusign.lightning.force.com/_/ContentDomainCSPNoAuth?tenantId=00D300000000bS4&networkId=0DM40000000GnBB&type=communities"}],"group":"sfdc-csp-ep"}
reporting-endpoints: sfdc-csp-ep="https://docusign.lightning.force.com/_/ContentDomainCSPNoAuth?tenantId=00D300000000bS4&networkId=0DM40000000GnBB&type=communities"
server-timing: Headers;dur=110
timing-allow-origin: *
x-request-id: b89360e0c5f0abdf0608d67025b1f5d3
x-sfdc-edge-cache: none
x-sfdc-request-id: b89360e0c5f0abdf0608d67025b1f5d3

Recommendations

Enable compression (gzip/brotli) to improve performance