Open
Cached
·
just now
24
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
Basic
connect-src; font-src; default-src; +10 more
connect-src 'self' *.adroll.com *.clearbitscripts.com *.sequel.io *.g2.com *.uikit.inkeep.com *.management.inkeep.com *.inkeep.com *.unpkg.com *.chilipiper.io *.chilipiper.com *.g2crowd.com *.linkedin.com analytics.google.com *.clearbit.com *.metadata.io *.reactful.com *.calibermind.com *.metarouter.io *.drifft.com *.hsforms.com js.hs-banner.com *.google-analytics.com www.google.com *.clarity.ms bat.bing.com *.doubleclick.net *.forms.hscollectedforms.net *.hsappstatic.net forms.hscollectedforms.net *.hubapi.com *.hubspot.com js.hs-banner.com *.facebook.com *.litix.io *.wistia.com embedwistia-a.akamaihd.net cdn.linkedin.oribi.io ws:; font-src 'self' *.calibermind.com *.sequel.io *.gstatic.com *.googleapis.com *.wistia.com data:; default-src 'none'; media-src 'self' *.calibermind.com *.sequel.io embedwistia-a.akamaihd.net embed-fastly.wistia.com blob:; worker-src 'self' *.calibermind.com blob:; img-src 'self' data: *.adroll.com *.sequel.io *.g2crowd.com *.g2.com *.googleusercontent.com heapanalytics.com *.clearbit.com *.googleapis.com fivetran.com *.cloudinary.com *.hsforms.com *.facebook.com *.google.com *.linkedin.com *.hubspot.com *.google-analytics.com www.googletagmanager.com embed-ssl.wistia.com *.gravatar.com *.wistia.com *.cloudfront.com embedwistia-a.akamaihd.net fast.wistia.net bat.bing.com *.clarity.ms; manifest-src 'self'; frame-src 'self' *.adroll.com *.g2.com *.sequel.io *.google.com www.googletagmanager.com *.chilipiper.com *.youtube.com *.podbean.com *.auth0.com *.calibermind.com *.drifft.com *.facebook.com js.drifft.com *.driftt.com forms.hsforms.com fast.wistia.net *.doubleclick.net; script-src-elem 'self' 'unsafe-inline' *.adroll.com *.sequel.io *.sequelvideo.com *.g2.com *.uikit.inkeep.com *.management.inkeep.com *.inkeep.com *.unpkg.com unpkg.com bat.bing.com *.chilipiper.com *.googleadservices.com *.google.com *.youtube.com *.clarity.ms *.googletagmanager.com *.auth0.com *.metarouter.io *.calibermind.com *.cloudflareinsights.com *.gstatic.com *.jquery.com *.hsforms.net *.googleapis.com *.calibermind.com *.google-analytics.com *.doubleclick.net *.facebook.net *.driftt.com *.clearbitscripts.com *.hs-scripts.com cdnjs.cloudflare.com *.licdn.com *.g2crowd.com *.cdn.metadata.io *.metadata.io *.clearbit.com x.clearbitjs.com js.hsadspixel.net js.hscollectedforms.net js.hs-analytics.net js.hsleadflows.net *.hubspot.com js.hs-banner.com *.wistia.com *.fast.wistia.com *.wistia.net *.reactful.com blob: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.unpkg.com *.sequel.io *.chilipiper.com *.auth0.com *.metarouter.io *.calibermind.com *.cloudflareinsights.com *.googletagmanager.com *.gstatic.com *.jquery.com *.hsforms.net *.googleapis.com *.calibermind.com *.google-analytics.com *.doubleclick.net *.facebook.net *.driftt.com *.clearbitscripts.com *.hs-scripts.com *.licdn.com *.g2crowd.com *.cdn.metadata.io *.metadata.io x.clearbitjs.com js.hsadspixel.net js.hscollectedforms.net js.hs-analytics.net js.hsleadflows.net track.hubspot.com js.hs-banner.com *.wistia.com *.fast.wistia.com *.wistia.net *.reactful.com blob:; style-src-elem 'self' 'unsafe-inline' *.auth0.com *.sequel.io *.metarouter.io *.calibermind.com *.cloudflareinsights.com *.googletagmanager.com *.gstatic.com *.jquery.com *.hsforms.net *.googleapis.com *.calibermind.com *.google-analytics.com *.doubleclick.net *.facebook.net *.driftt.com *.clearbitscripts.com *.hs-scripts.com *.hsadspixel.net *.reactful.com; style-src 'unsafe-inline' 'self' *.googleapis.com *.sequel.io; frame-ancestors 'self' *.calibermind.com *.sequel.io *.drifft.com fast.wistia.net *.youtube.com
X-Frame-Options
Good
sameorigin
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
microphone=(), camera=()
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
Performance Headers
3 headers
Connection
Performance
keep-alive
Transfer-Encoding
Performance
chunked
Vary
Performance
Accept-Encoding
Caching Headers
4 headers
Age
Caching
12204
Cache-Control
Caching
max-age=0, s-maxage=2592000
Expires
Caching
Fri, 21 Nov 2025 16:35:37 GMT
Last-Modified
Caching
Fri, 21 Nov 2025 16:35:37 GMT
Content Headers
1 headers
Content-Type
Content
text/html; charset=UTF-8
Server Headers
1 headers
Server
Server
cloudflare
CORS Headers
0 headers
No CORS headers found
Cookies Headers
0 headers
No cookies headers found
Other Headers
9 headers
Cache-Provider
Other
CLOUDWAYS-CACHE-DC
Cf-Cache-Status
Other
DYNAMIC
Cf-Ray
Other
9a22c3e32c5916cb-IAD
Date
Other
Fri, 21 Nov 2025 19:59:01 GMT
Link
Other
<https://calibermind.com/wp-json/>; rel="https://api.w.org/", <https://calibermind.com/wp-json/wp/v2/pages/31974>; rel="alternate"; title="JSON"; type="application/json", <https://calibermind.com/>; rel=shortlink
Nel
Other
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Report-To
Other
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=JllJB5jJZYs%2BTaYb6TJXlFkKtyxWTYEdnz0yv0KA6NULzAKw5bzEQlYY2K09pJRA1jxT0dQy93m26xGGEHwc6h2zzniICHg4nA9su5f3"}]}
Server-Timing
Other
cfEdge;dur=19,cfOrigin;dur=137
X-Cache
Other
HIT
Recommendations
Enable compression (gzip/brotli) to improve performance
Analysis completed in 225ms