Open
Cached
·
just now
20
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
Basic
default-src; base-uri; connect-src; +6 more
default-src https: 'self'; base-uri 'self'; connect-src *.hotjar.com:* vc.hotjar.io:* surveystats.hotjar.io wss://*.hotjar.com wss://api.appcues.net:* https: 'self' wss://replay.uxtweak.com:* *.google-analytics.com *.analytics.google.com *.googletagmanager.com; font-src 'self' data: script.hotjar.com https:; frame-ancestors 'self'; img-src 'self' https: data: script.hotjar.com *.google-analytics.com *.googletagmanager.com; object-src 'none'; script-src 'strict-dynamic' 'unsafe-eval' https: 'self' cdn.zeroheight.com 'nonce-gr3J5LEpc881qP0VzlUzH+mFEtzSZ/CdtitslPNcJ1c=' 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'
X-Frame-Options
Good
sameorigin
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Present
origin-when-cross-origin, strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Consider adding Permissions-Policy to control browser features
Performance Headers
2 headers
Connection
Performance
close
Vary
Performance
Accept-Encoding
Caching Headers
2 headers
Cache-Control
Caching
max-age=0, private, must-revalidate
Etag
Caching
W/"2e439b2a97e684c29081960d74be4070"
Content Headers
2 headers
Content-Length
Content
107505
Content-Type
Content
text/html; charset=utf-8
Server Headers
1 headers
X-Runtime
Server
0.126759
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
_zh_session=hla0XkPGX1P69XItbSDqFG8u3A0qAYfrPdM0xMUVMl%2BeiPrM%2BQrQ6U4xB8pruqKOu04Qt7F4OQqBNDC1S7irrG0gJ7xCzzJJS4cZsk2NH9ddPhT%2B3yelnaVlQvZqH7C6CP7CdmPxgXPKBQwejpdM7DvgYaC9USIeKoPwWSTmP%2BlKVI8Brrv%2Bv9YHofq8c6DW2cA4dGTqXQeOPWW9A0%2BWhWtOoLDcRHuVOm5tMMAlMeoZYwzn8Mjq9xbYhm2LNuxuJ3ddX5UPzcZpk3f87Bb%2BLhrq8g%3D%3D--YZ2K0teT8LC%2FK10I--iO03JbMtfILgPrp%2FC7Lyhw%3D%3D; domain=www.lightningdesignsystem.com; path=/; secure; httponly; samesite=lax
Other Headers
7 headers
Date
Other
Wed, 11 Feb 2026 11:58:51 GMT
Link
Other
<https://cdn.zeroheight.com/1.5.9.9378/runtime.js?version=1.5.9.9378>; rel=preload; as=script; nopush,<https://cdn.zeroheight.com/1.5.9.9378/vendors.js?version=1.5.9.9378>; rel=preload; as=script; nopush,<https://cdn.zeroheight.com/1.5.9.9378/commons.js?version=1.5.9.9378>; rel=preload; as=script; nopush,<https://cdn.zeroheight.com/1.5.9.9378/app.js?version=1.5.9.9378>; rel=preload; as=script; nopush,</the-other-assets/plugin-4a494e7f121a21f8107858ef2ae2a4195419e15b227b90c9665c2a43f22cb9f2.css>; rel=preload; as=style; nopush,<https://www.googletagmanager.com/gtag/js?id=GTM-K4S25JQ>; rel=preload; as=script; nopush,<//fast.appcues.com/119582.js>; rel=preload; as=script; nopush
X-Download-Options
Other
noopen
X-Permitted-Cross-Domain-Policies
Other
none
X-Rack-Cors
Other
miss; no-origin
X-Request-Id
Other
22422123-f14a-4fe2-ad3e-67c531e4ff22
Zh-Product-Name
Other
zeroheight
Recommendations
Enable compression (gzip/brotli) to improve performance