HTTP Headers Analysis for https://www.bentley.com

Detected Technologies from Headers

See all in URL Inspect 59

AWS CloudFront

Microsoft 365

Pingdom

Zscaler

Google Tag Manager

UserWay

WP Engine

Brightcove

Tailwind CSS

Bing

Google reCAPTCHA

SalesLoft

Google Translate

Statuspage

HubSpot Forms Active incidents

JotForm

Google DoubleClick

Google Analytics

Microsoft Advertising

Google Conversion Tracking

ON24

Cloudflare CDN

Google Static File Front End

Google API JS Client

Wistia

Twitter

Qualtrics

HubSpot CMS Active incidents

HubSpot Analytics Active incidents

Drift

unpkg

Google Search

Cloudflare Active incidents

Adobe Marketo

Demandbase

Facebook

Amazon S3

Impartner

Mouseflow

StackAdapt

OneTrust

GitHub Active incidents

Salesforce Sites

Moz

Cloudflare CDNJS

AWS

Intentsify

Visual Website Optimizer

Akamai Active incidents

Smartling

HubSpot Active incidents

YouTube

Microsoft Clarity

HubSpot Live Chat Active incidents

jsDelivr

Google Cloud

Google Cloud Storage

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31536000

Content-Security-Policy

Basic

default-src; script-src; style-src; +10 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

no-referrer-when-downgrade

Permissions-Policy

Present

camera=(), microphone=()

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking

Performance Headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

Vary

Performance

Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie

connection: close
transfer-encoding: chunked
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie

Caching Headers

Cache-Control

Caching

max-age=600, must-revalidate

Expires

Caching

Thu, 19 Nov 1981 08:52:00 GMT

Last-Modified

Caching

Sun, 22 Mar 2026 14:56:01 GMT

Pragma

Caching

no-cache

cache-control: max-age=600, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Sun, 22 Mar 2026 14:56:01 GMT
pragma: no-cache

Content Headers

Content-Type

Content

text/html; charset=UTF-8

content-type: text/html; charset=UTF-8

Server Headers

Server

cloudflare

X-Powered-By

Server

WP Engine

server: cloudflare
x-powered-by: WP Engine

CORS Headers

Access-Control-Allow-Credentials

Cors

true

Access-Control-Allow-Origin

Cors

*

access-control-allow-credentials: true
access-control-allow-origin: *

Cookies Headers

Set-Cookie

Cookies

set-cookie: __cf_bm=TvScl6_lSONVn4J4o4w5xSw7rnThax4yYQ6LarZulqc-1777513023.8088343-1.0.1.1-yl20pkmoJ4hXCtDyHWXyCv9DSuYnf9_i2CEmG7m6bovzAFTR3weDs9DcmpEyL4A7aiWQR.n4qMuWjsRdZMWcasX7p8q0Z9e0WYxBRFp2q8lKitfRc_cHQna2UdHcLpaJ; HttpOnly; Secure; Path=/; Domain=www.bentley.com; Expires=Thu, 30 Apr 2026 02:07:03 GMT

Other Headers

Alt-Svc

Other

h3=":443"; ma=86400

Cf-Cache-Status

Other

DYNAMIC

Cf-Ray

Other

9f42d1aec93f1f6d-IAD

Date

Other

Thu, 30 Apr 2026 01:37:03 GMT

Feature-Policy

Other

camera=(), microphone=()

Link

Other

URL https://www.bentley.com/

rel=shortlink

X-Cache

Other

X-Cache-Group

Other

normal

X-Cacheable

Other

SHORT

X-Ua-Compatible

Other

IE=edge

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 9f42d1aec93f1f6d-IAD
date: Thu, 30 Apr 2026 01:37:03 GMT
feature-policy: camera=(), microphone=()
link: <https://www.bentley.com/>; rel=shortlink
x-cache: HIT: 211
x-cache-group: normal
x-cacheable: SHORT
x-ua-compatible: IE=edge

Recommendations

Enable compression (gzip/brotli) to improve performance

Consider removing X-Powered-By header to hide server technology