Open
Cached
·
just now
25
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=63072000; includeSubDomains; preload
Content-Security-Policy
Basic
default-src; script-src; worker-src; +9 more
default-src 'self' https://*.cloudfront.net https://cdn.wolfia.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.sentry-cdn.com https://apis.google.com https://accounts.google.com https://connect.nango.dev https://us-assets.i.posthog.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://cdn.wolfia.com https://cookiechimp.com https://cdn.jsdelivr.net https://app.chatwoot.com https://cdn.vector.co https://d-code.liadm.com https://*.usbrowserspeed.com; worker-src 'self' blob: https://cdnjs.cloudflare.com https://*.cloudfront.net https://cdn.wolfia.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://rsms.me https://*.cloudfront.net https://cdn.wolfia.com https://cdn.jsdelivr.net; img-src 'self' data: https://*.googleusercontent.com https://*.randomuser.me https://*.amazonaws.com https://*.cloudfront.net https://cdn.wolfia.com https://us-assets.i.posthog.com https://us.i.posthog.com https://workoscdn.com https://*.liadm.com https://*.logo.dev; font-src 'self' https://fonts.gstatic.com https://rsms.me https://*.cloudfront.net https://cdn.wolfia.com; connect-src 'self' https://api.wolfia.com https://api-dev.wolfia.com wss://api.wolfia.com wss://api-dev.wolfia.com *.sentry.io https://api.nango.dev https://us.i.posthog.com https://us-assets.i.posthog.com *.amazonaws.com https://*.cloudfront.net https://cookiechimp.com https://app.chatwoot.com wss://app.chatwoot.com https://cdn.jsdelivr.net https://*.mesh-interactive.com https://api.withmesh.com https://api.ipify.org https://*.usbrowserspeed.com https://d-code.liadm.com https://*.liadm.com https://api.vector.co https://pro.ip-api.com https://graph.microsoft.com https://*.sharepoint.com; frame-ancestors 'none'; frame-src 'self' https://connect.nango.dev https://docs.google.com *.amazonaws.com https://cookiechimp.com https://app.chatwoot.com https://*.liadm.com; manifest-src 'self' https://*.cloudfront.net https://cdn.wolfia.com; base-uri 'self'; form-action 'self' https://*.sharepoint.com
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
camera=(), microphone=(), geolocation=(), payment=()
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
Performance Headers
2 headers
Connection
Performance
close
Vary
Performance
Origin
Caching Headers
2 headers
Cache-Control
Caching
public, max-age=0, must-revalidate
Etag
Caching
"c8sldqbvj02r7c"
Content Headers
2 headers
Content-Length
Content
128569
Content-Type
Content
text/html; charset=utf-8
Server Headers
0 headers
No server headers found
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
AWSALBCORS=zBypb4oW1T3lf2ckoZtLe7vRvhQI+awNVLP27vh2WtW+nWopS4gTfRKDZxcnkePzFK/cL53eIuGQXurl4jG+VDvx3x4yGJYewz2g5Mqr3DnbDTn8TwmTDxdGDCIB; Expires=Thu, 08 Jan 2026 17:01:58 GMT; Path=/; SameSite=None; Secure
Other Headers
9 headers
Alt-Svc
Other
h3=":443"; ma=86400
Date
Other
Thu, 01 Jan 2026 17:01:59 GMT
Via
Other
1.1 a4361051b627e162564f4b225d8284a8.cloudfront.net (CloudFront)
X-Amz-Cf-Id
Other
YO4opa-7pgCl7a16E_hs42YlqwVv8VhWp6rNwcjn4B_KDE6U_jjNtA==
X-Amz-Cf-Pop
Other
IAD61-P11
X-Cache
Other
Miss from cloudfront
X-Ratelimit-Limit
Other
200
X-Ratelimit-Remaining
Other
199
X-Ratelimit-Reset
Other
1767286979000
Recommendations
Enable compression (gzip/brotli) to improve performance