HTTP Headers Analysis for https://support.firstalert.com

Detected Technologies from Headers

See all in URL Inspect 26

PayPal

YouTube

Adobe Fonts (Typekit)

Adyen

Arkose Labs

Brightcove

Cloudinary

Embedly Active incidents

Google Analytics

Google DoubleClick

Google Pay

Google reCAPTCHA

Google Search

Google Static File Front End

Google Tag Manager

Highspot

LaunchDarkly

Osano

Salesforce Cloud

Salesforce Sites

Stripe

TrustArc

Vidyard

Vimeo

Wistia

Google Cloud

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=63072000; includeSubDomains

Content-Security-Policy

Weak

upgrade-insecure-requests,; report-uri Analyze

Content-Security-Policy-Report-Only

Weak

frame-src; report-to; report-uri Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Significantly strengthen CSP directives
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Vary

Performance

Accept-Encoding, Origin

vary: Accept-Encoding, Origin

Caching Headers

Cache-Control

Caching

no-cache,must-revalidate,max-age=0,no-store,private

Expires

Caching

Thu, 08 May 2025 22:38:25 GMT

Last-Modified

Caching

Thu, 08 May 2025 22:38:25 GMT

cache-control: no-cache,must-revalidate,max-age=0,no-store,private
expires: Thu, 08 May 2025 22:38:25 GMT
last-modified: Thu, 08 May 2025 22:38:25 GMT

Content Headers

Content-Type

Content

text/html;charset=UTF-8

content-type: text/html;charset=UTF-8

Server Headers

Server

sfdcedge

server: sfdcedge

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: CookieConsentPolicy=0:1; path=/; expires=Sat, 08-May-2027 22:38:25 GMT; Max-Age=31536000; secure
LSKey-c$CookieConsentPolicy=0:1; path=/; expires=Sat, 08-May-2027 22:38:25 GMT; Max-Age=31536000; secure
renderCtx=%7B%22pageId%22%3A%226420ae25-9668-4b5c-a6ca-7e0c14b7f7c5%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%22b8c650d6-5731-431d-af51-f42eb0182d60%22%2C%22audienceIds%22%3A%226Au4x000000PPnc%22%7D; path=/s; secure

Other Headers

Date

Other

Fri, 08 May 2026 22:38:25 GMT

Link

Other

URL /s/sfsites/auraFW/javascript/ZkJhOVpLN2NZQkJrd2NWd3pMcnFOdzJEa1N5enhOU3R5QWl2VzNveFZTbGcxMy4tMjE0NzQ4MzY0OC4xMzEwNzIwMA/aura_prod.js

rel=preload as=script nopush

URL /s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22ZkJhOVpLN2NZQkJrd2NWd3pMcnFOdzJEa1N5enhOU3R5QWl2VzNveFZTbGcxMy4tMjE0NzQ4MzY0OC4xMzEwNzIwMA%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%221544_-QE8H35gPOQmfpGx0OKiMg%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDAwMDBlbl9VUw%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%7D/resources.js?pu=1&pv=17782238950001144101825&rv=1777346649000

rel=preload as=script nopush

URL /s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-13.-2147483648.13107200-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%221544_-QE8H35gPOQmfpGx0OKiMg%22%7D%2C%22dns%22%3A%22c%22%7D/app.js?3=

rel=preload as=script nopush

Report-To

Other

Group sfdc-csp-ep max-age: 52w

Endpoint 1 https://rezi.lightning.force.com/_/ContentDomainCSPNoAuth?tenantId=00D4x000006ta2o&networkId=0DM4x000000Z98V&type=communities

Reporting-Endpoints

Other

sfdc-csp-ep="https://rezi.lightning.force.com/_/ContentDomainCSPNoAuth?tenantId=00D4x000006ta2o&networkId=0DM4x000000Z98V&type=communities"

Server-Timing

Other

Headers;dur=103

Timing-Allow-Origin

Other

*

X-Request-Id

Other

8e8067f4ad32fd77be302640848a045c

X-Sfdc-Edge-Cache

Other

none

X-Sfdc-Request-Id

Other

8e8067f4ad32fd77be302640848a045c

date: Fri, 08 May 2026 22:38:25 GMT
link: </s/sfsites/auraFW/javascript/ZkJhOVpLN2NZQkJrd2NWd3pMcnFOdzJEa1N5enhOU3R5QWl2VzNveFZTbGcxMy4tMjE0NzQ4MzY0OC4xMzEwNzIwMA/aura_prod.js>;rel=preload;as=script;nopush,</s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22ZkJhOVpLN2NZQkJrd2NWd3pMcnFOdzJEa1N5enhOU3R5QWl2VzNveFZTbGcxMy4tMjE0NzQ4MzY0OC4xMzEwNzIwMA%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%221544_-QE8H35gPOQmfpGx0OKiMg%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDAwMDBlbl9VUw%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%7D/resources.js?pu=1&pv=17782238950001144101825&rv=1777346649000>;rel=preload;as=script;nopush,</s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-13.-2147483648.13107200-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%221544_-QE8H35gPOQmfpGx0OKiMg%22%7D%2C%22dns%22%3A%22c%22%7D/app.js?3=>;rel=preload;as=script;nopush
report-to: {"endpoints":[{"url":"https://rezi.lightning.force.com/_/ContentDomainCSPNoAuth?tenantId=00D4x000006ta2o&networkId=0DM4x000000Z98V&type=communities"}],"max_age":31536000,"group":"sfdc-csp-ep"}
reporting-endpoints: sfdc-csp-ep="https://rezi.lightning.force.com/_/ContentDomainCSPNoAuth?tenantId=00D4x000006ta2o&networkId=0DM4x000000Z98V&type=communities"
server-timing: Headers;dur=103
timing-allow-origin: *
x-request-id: 8e8067f4ad32fd77be302640848a045c
x-sfdc-edge-cache: none
x-sfdc-request-id: 8e8067f4ad32fd77be302640848a045c

Recommendations

Enable compression (gzip/brotli) to improve performance

SSL Verification Bypassed

Detected Technologies from Headers

HTTP Security Headers

Performance Headers

Caching Headers

Content Headers

Server Headers

CORS Headers

Cookies Headers

Other Headers

Recommendations