Open
Cached
·
just now
25
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31556952; includeSubDomains; preload
Content-Security-Policy
Good
default-src; font-src; object-src; +6 more
default-src 'self'; font-src 'self' https: data:; object-src 'none'; form-action 'self' https:; img-src 'self' https: blob: data: https://img.icons8.com; connect-src 'self' https://api.mapbox.com https://events.mapbox.com https://docs.isoutsource.com; frame-src https://www.youtube.com https://www.loom.com https://viewer.diagrams.net https://scribehow.com https://app.tango.us https://player.vimeo.com https://widget.canny.io https://lucid.app https://*.wasabisys.com https://www.canva.com https://*.sharepoint.com https://*.brightgauge.co https://www.figma.com https://*.figma.com https://maps.google.com https://www.google.com https://docs.google.com https://www.facebook.com https://www.linkedin.com https://app.rewst.io https://rewst.us.auth0.com https://api.mapbox.com https://docs.isoutsource.com; script-src 'self' blob: https://ajax.cloudflare.com https://canny.io/sdk.js https://api.duosecurity.com https://platform.twitter.com https://canvasjs.com https://stackpath.bootstrapcdn.com 'unsafe-inline'; style-src 'self' 'unsafe-inline' blob: https://stackpath.bootstrapcdn.com
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Strengthen CSP by removing 'unsafe-eval'
- • Consider adding Permissions-Policy to control browser features
Performance Headers
3 headers
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
Accept-Encoding
Caching Headers
4 headers
Cache-Control
Caching
no-store
Etag
Caching
W/"9d3634df25fa2b3263c743d9edced5b2"
Expires
Caching
Mon, 01 Jan 1990 00:00:00 GMT
Pragma
Caching
no-cache
Content Headers
1 headers
Content-Type
Content
text/html; charset=utf-8
Server Headers
2 headers
Server
Server
cloudflare
X-Runtime
Server
0.013604
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
_hudu_session=Ddqj5nUuqrrdra%2BK1KV%2BnuErantQabXhmROunup01tuOm9Qlguqoalc4P7Pv6RGCyOzZRC4KsmGHJJr0pQI0TThN3hcMCXWxOIC%2FeL3swDQmN2sDB38nI8k6s7CPZNdk7%2BZ0zIZmBo5yVk6nxXp9YGqlY0lCtF6bYv0Qaqi9ZiNqiapAKmGfmdjeTLxTdjyR8Ww4VOju0z%2BkI1msCSRqw0kOf3vOR5uzegccYyegw%2BMXqnP22lolTzR9hbBXKffq9aSzuUZQYwxLu4FPrsM6hup95Vw5--t%2B6WGkRCMej6Ta1Z--%2B%2FxKNfGv5xTKoTHIplwubg%3D%3D; path=/; secure; httponly; samesite=lax
Other Headers
8 headers
Cf-Cache-Status
Other
DYNAMIC
Cf-Ray
Other
9bc7238bea8e1eda-IAD
Date
Other
Sun, 11 Jan 2026 20:24:39 GMT
Link
Other
</app_assets/application-3478c7cec484390bda79e965e17207677be30dd6e4f863e69b6eed6f059db015.css>; rel=preload; as=style; nopush,</app_assets/application-65282158fda0f4a8ad31eabce6c2d3ac5edddf1c9252ee99b8a56d50f4f16d86.js>; rel=preload; as=script; nopush
Nel
Other
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Report-To
Other
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=DHzvjsnngzXpAA9y2WKIZ85f9OWXx6GiM%2BsNmhrwtsiyOxO12beNrCSdXToHFD%2FYQWixMNNbtHQlevFWpWi%2ByL2711Jl8vh2PrSbmV6MvocVVY8%3D"}]}
X-Permitted-Cross-Domain-Policies
Other
none
X-Request-Id
Other
be675baa-958e-4875-b16f-438bc44e00be
Recommendations
Enable compression (gzip/brotli) to improve performance