Open
Cached
·
just now
25
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=15552000; includeSubDomains; preload
Content-Security-Policy
Basic
default-src; frame-src; connect-src; +7 more
default-src 'self'; frame-src 'self' accounts.google.com www.youtube-nocookie.com www.loom.com player.vimeo.com; connect-src 'self' api.aysr.io app.aysr.io api.revenuehero.io app.revenuehero.io api.askoperator.io ekorn.revenuehero.io cloud.axiom.co vercel.live stream.mux.com inferred.litix.io *.fastly.mux.com *.cfcdn.mux.com *.clarity.ms; font-src 'self'; img-src 'self' image.mux.com logo.clearbit.com app-data-development.s3.us-east-1.amazonaws.com app-data-development.s3.amazonaws.com app-data-staging.s3.us-east-1.amazonaws.com app-data-staging.s3.amazonaws.com rh-app-data-prod.s3.us-east-1.amazonaws.com rh-app-data-prod.s3.amazonaws.com blob: data: *.aysr.io *.revenuehero.io *.clarity.ms; media-src 'self' blob: image.mux.com stream.mux.com *.fastly.mux.com *.cfcdn.mux.com; object-src 'self'; script-src 'self' 'strict-dynamic' https: 'unsafe-inline' 'unsafe-eval' vercel.live cdn.jsdelivr.net *.clarity.ms 'nonce-Cc+eqB84pCjWNFwXinVqIw=='; style-src 'self' 'unsafe-inline'; frame-ancestors *
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer
Permissions-Policy
Present
camera=(), microphone=(), geolocation=()
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
Performance Headers
3 headers
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
accept-encoding
Caching Headers
3 headers
Age
Caching
0
Cache-Control
Caching
public, max-age=0, must-revalidate
Etag
Caching
W/"1y318hf"
Content Headers
1 headers
Content-Type
Content
text/html
Server Headers
1 headers
Server
Server
cloudflare
CORS Headers
0 headers
No CORS headers found
Cookies Headers
0 headers
No cookies headers found
Other Headers
8 headers
Cf-Cache-Status
Other
DYNAMIC
Cf-Ray
Other
9c2668d2f83e1fe5-IAD
Date
Other
Fri, 23 Jan 2026 09:54:24 GMT
Link
Other
<./_app/immutable/assets/_layout.fmTM2Ljm.css>; rel="preload";as="style"; nopush, <./_app/immutable/entry/start.uwZN3yFj.js>; rel="modulepreload"; nopush, <./_app/immutable/chunks/entry.k17HCP67.js>; rel="modulepreload"; nopush, <./_app/immutable/chunks/scheduler.J7BKb6oh.js>; rel="modulepreload"; nopush, <./_app/immutable/chunks/index.JmlisS76.js>; rel="modulepreload"; nopush, <./_app/immutable/entry/app.RN8lYoMj.js>; rel="modulepreload"; nopush, <./_app/immutable/chunks/preload-helper.0HuHagjb.js>; rel="modulepreload"; nopush, <./_app/immutable/chunks/index.VQ4ea4O0.js>; rel="modulepreload"; nopush, <./_app/immutable/nodes/0.mxyIblVF.js>; rel="modulepreload"; nopush, <./_app/immutable/chunks/parseLocale.za9gWqyB.js>; rel="modulepreload"; nopush, <./_app/immutable/chunks/runtime.jzvKViUk.js>; rel="modulepreload"; nopush, <./_app/immutable/chunks/locale.allzkj91.js>; rel="modulepreload"; nopush, <./_app/immutable/chunks/_layout.snQqCSG0.js>; rel="modulepreload"; nopush, <./_app/immutable/chunks/globals.0cDDIVm6.js>; rel="modulepreload"; nopush, <./_app/immutable/chunks/spread.rEx3vLA9.js>; rel="modulepreload"; nopush, <./_app/immutable/chunks/stores.btPETwu0.js>; rel="modulepreload"; nopush, <./_app/immutable/chunks/domUtils.GHz5auG7.js>; rel="modulepreload"; nopush, <./_app/immutable/chunks/index.xBcdEvfA.js>; rel="modulepreload"; nopush, <./_app/immutable/nodes/3.jA1Dgdd9.js>; rel="modulepreload"; nopush, <./_app/immutable/chunks/withElements.lfNZwGfp.js>; rel="modulepreload"; nopush, <./_app/immutable/chunks/index.ActUsoqd.js>; rel="modulepreload"; nopush, <https://meet.trainual.com/404?embed=true>; rel="iframely"; type="text/html"
X-Dns-Prefetch-Control
Other
on
X-Sveltekit-Page
Other
true
X-Vercel-Cache
Other
MISS
X-Vercel-Id
Other
iad1::cle1::nxm8g-1769162064135-91ad0e421f5e
Recommendations
Enable compression (gzip/brotli) to improve performance