HTTP Headers Analysis for https://www.pointfuse.net

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31536000

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

2 headers

Connection

Performance

Transfer-Encoding

Performance

chunked

Caching Headers

2 headers

Etag

Caching

W/"3bb5a-646b63d23a5c0:dtagent10327251022105625L9Ub"

Last-Modified

Caching

Wed, 24 Dec 2025 17:46:23 GMT

Content Headers

1 headers

Content-Type

Content

text/html; charset=UTF-8

Server Headers

1 headers

Server

Apache

CORS Headers

0 headers

No CORS headers found

Cookies Headers

1 headers

Set-Cookie

Cookies

bm_sz=D55D3C6DD33CFA43F8BCED5A73D5A3FD~YAAQ8cgwF5efOUmbAQAANkp7UR5Nzh6VKyAWSl4dlR8bdamK1I1dtetpfiCG92Vs9K9IPSqhq954IgU9vBqTIWLo3cwUxG25bRlJx4sEJV/yW5N8MhrTOquDjzNnH5aW9Zd4mrX0vXIKXO1Hn2+daWQJlSyvEv67smL7JFola51FEi5kEkUzyTPeVgdsvHffX/+MF0NfFhWkBrQ/1+WqMiLWCrmJnQfPEofRlqc4RffG2On4EmDsj8uxbFMyUNn8OcGUI/l/xn9uYWljv1n1EUjMjJwkUx9Wnh0Y1pNJSXichiF+d46SupLvWVKBA4hquM+ZVYM3xX8ADCfK1wyhk/bPq3Dd7DkOW+HTDieZ~4471097~3422000; Domain=.autodesk.com; Path=/; Expires=Wed, 24 Dec 2025 21:49:53 GMT; Max-Age=14400

Other Headers

10 headers

Akamai-Cache-Status

Other

Hit from child

Akamai-Grn

Other

0.f1c83017.1766598593.8a8aed84

Akamai-Request-Bc

Other

[a=23.48.200.241,b=2324360580,c=g,n=US_VA_ASHBURN,o=20940]

Alt-Svc

Other

h3=":443"; ma=93600

Date

Other

Wed, 24 Dec 2025 17:49:53 GMT

Server-Timing

Other

dtSInfo;desc="0", dtRpid;desc="-904967551"

Serverid

Other

dotcom-prd-web-publish03-ue1

Timing-Allow-Origin

Other

*

X-Oneagent-Js-Injection

Other

true

X-Ruxit-Js-Agent

Other

true

Recommendations

Enable compression (gzip/brotli) to improve performance

Add Cache-Control header to optimize caching