Open
Cached
·
just now
18
Headers
Detected Technologies from Headers
AWS CloudFront
Chili Piper
Chameleon
Canny
Google Tag Manager
Bugsnag
G2
Fullstory
Mutiny
HubSpot Forms
Google DoubleClick
Google Analytics
Google Conversion Tracking
Mixpanel
Sprig
Segment
Google Static File Front End
Google API JS Client
Google Fonts
LinkedIn
Zendesk
Microsoft ASP.NET CDN
Zoom
Active incidents
Stripe
Slack
BootstrapCDN
Nginx
Adobe Marketo
Microsoft SharePoint
Facebook
Amazon S3
Maxio
DigitalOcean Spaces
Active incidents
Cloudflare CDNJS
Salesforce Pardot
PostHog
HubSpot
Intercom
YouTube
Sentry
jsDelivr
Google Cloud
Google Cloud Storage
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=63072000; includeSubDomains; preload
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Present
origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Accept-Ranges
bytes
Connection
close
Vary
Accept-Encoding
accept-ranges: bytes connection: close vary: Accept-Encoding
Caching Headers
Cache-Control
public, max-age=0, s-maxage=60, must-revalidate
Etag
"6a057a8f-49c"
Last-Modified
Thu, 14 May 2026 07:32:31 GMT
cache-control: public, max-age=0, s-maxage=60, must-revalidate etag: "6a057a8f-49c" last-modified: Thu, 14 May 2026 07:32:31 GMT
Content Headers
Content-Length
1180
Content-Type
text/html
content-length: 1180 content-type: text/html
Server Headers
Server
nginx/1.26.2
server: nginx/1.26.2
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Alt-Svc
h3=":443"; ma=2592000
Date
Thu, 14 May 2026 13:58:53 GMT
Via
1.1 google
X-Content-Security-Policy
default-src 'self' blob: data: wss://*.chilipiper.com wss://*.chilipiper.io wss://*.chilipiper.cool wss://*.chilipiper.team https://*.chilipiper.com https://*.chilipiper.io https://*.chilipiper.cool https://*.chilipiper.team https://rollout.ada.support https://static.ada.support https://chilipipergen.ada.support https://www.google-analytics.com https://www.googletagmanager.com https://static2.sharepointonline.com https://ajax.aspnetcdn.com https://telemetryservice.firstpartyapps.oaspapps.com https://appsforoffice.microsoft.com https://*.rollout.io https://*.cloudbees.io/ https://*.facebook.com https://*.marketo.com https://*.mixpanel.com https://*.hubspot.com https://*.pardot.com https://*.getdrip.com https://*.google.com https://*.googleapis.com https://*.hsforms.net https://www.youtube.com https://s3.amazonaws.com https://sentry.io https://cdn.ravenjs.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://twemoji.maxcdn.com https://*.cloudfront.net https://intercom-sheets.com https://static.intercomassets.com https://js.intercomcdn.com https://cdn.segment.com https://api.segment.io https://maxcdn.bootstrapcdn.com https://*.intercom.io https://*.mutinycdn.com https://*.mutinyhq.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.bugsnag.com https://zoom.us https://*.gotomeeting.com https://*.rollout.io https://*.codox.io https://cdn.tiny.cloud https://js.stripe.com https://*.zdassets.com https://*.zendesk.com https://*.zopim.com wss://chilipiper.zendesk.com wss://*.zopim.com https://*.googleusercontent.com https://*.facebook.net https://*.doubleclick.net https://*.licdn.com https://*.googleadservices.com https://*.digitaloceanspaces.com https://*.ingest.sentry.io https://*.ingest.us.sentry.io https://canny.io https://*.canny.io https://edge.fullstory.com https://rs.fullstory.com https://*.lr-in-prod.com https://*.lrkt-in.com https://*.lgrckt-in.com https://*.planhat.com https://*.sprig.com https://com-chilipiper-prod1.mini.snplow.net https://com-chilipiper-prod1.collector.snplow.net https://fast.chameleon.io https://js.chargify.com https://selfservice.maxio.com https://*.gong.io https://hooks.slack.com https://api-inference.huggingface.co https://*.logr-ingest.com https://*.posthog.com https://*.candu.ai https://media.candulabs.com https://www.gstatic.com https://www.g2.com https://vi.ml314.com https://*.cpcdp.com 'unsafe-inline' 'wasm-unsafe-eval'; font-src 'self' data: https://maxcdn.bootstrapcdn.com https://fonts.gstatic.com https://fonts.googleapis.com https://js.intercomcdn.com; img-src * data: blob: 'unsafe-inline';
alt-svc: h3=":443"; ma=2592000 date: Thu, 14 May 2026 13:58:53 GMT via: 1.1 google x-content-security-policy: default-src 'self' blob: data: wss://*.chilipiper.com wss://*.chilipiper.io wss://*.chilipiper.cool wss://*.chilipiper.team https://*.chilipiper.com https://*.chilipiper.io https://*.chilipiper.cool https://*.chilipiper.team https://rollout.ada.support https://static.ada.support https://chilipipergen.ada.support https://www.google-analytics.com https://www.googletagmanager.com https://static2.sharepointonline.com https://ajax.aspnetcdn.com https://telemetryservice.firstpartyapps.oaspapps.com https://appsforoffice.microsoft.com https://*.rollout.io https://*.cloudbees.io/ https://*.facebook.com https://*.marketo.com https://*.mixpanel.com https://*.hubspot.com https://*.pardot.com https://*.getdrip.com https://*.google.com https://*.googleapis.com https://*.hsforms.net https://www.youtube.com https://s3.amazonaws.com https://sentry.io https://cdn.ravenjs.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://twemoji.maxcdn.com https://*.cloudfront.net https://intercom-sheets.com https://static.intercomassets.com https://js.intercomcdn.com https://cdn.segment.com https://api.segment.io https://maxcdn.bootstrapcdn.com https://*.intercom.io https://*.mutinycdn.com https://*.mutinyhq.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.bugsnag.com https://zoom.us https://*.gotomeeting.com https://*.rollout.io https://*.codox.io https://cdn.tiny.cloud https://js.stripe.com https://*.zdassets.com https://*.zendesk.com https://*.zopim.com wss://chilipiper.zendesk.com wss://*.zopim.com https://*.googleusercontent.com https://*.facebook.net https://*.doubleclick.net https://*.licdn.com https://*.googleadservices.com https://*.digitaloceanspaces.com https://*.ingest.sentry.io https://*.ingest.us.sentry.io https://canny.io https://*.canny.io https://edge.fullstory.com https://rs.fullstory.com https://*.lr-in-prod.com https://*.lrkt-in.com https://*.lgrckt-in.com https://*.planhat.com https://*.sprig.com https://com-chilipiper-prod1.mini.snplow.net https://com-chilipiper-prod1.collector.snplow.net https://fast.chameleon.io https://js.chargify.com https://selfservice.maxio.com https://*.gong.io https://hooks.slack.com https://api-inference.huggingface.co https://*.logr-ingest.com https://*.posthog.com https://*.candu.ai https://media.candulabs.com https://www.gstatic.com https://www.g2.com https://vi.ml314.com https://*.cpcdp.com 'unsafe-inline' 'wasm-unsafe-eval'; font-src 'self' data: https://maxcdn.bootstrapcdn.com https://fonts.gstatic.com https://fonts.googleapis.com https://js.intercomcdn.com; img-src * data: blob: 'unsafe-inline';
Recommendations
Enable compression (gzip/brotli) to improve performance