Open
Cached
·
just now
18
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Good
max-age=31536000; includeSubDomains
Content-Security-Policy
Basic
default-src; img-src; object-src; +7 more
default-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline'; object-src 'none'; font-src 'self' data: https://static.rain.com https://fonts.intercomcdn.com; media-src * blob:; frame-ancestors 'self' ; connect-src *; script-src * 'unsafe-inline' 'unsafe-eval'; frame-src * blob:; style-src * 'unsafe-inline';
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Present
same-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Consider adding 'preload' to HSTS for maximum security
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Consider adding Permissions-Policy to control browser features
Performance Headers
3 headers
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
accept-encoding
Caching Headers
0 headers
No caching headers found
Content Headers
1 headers
Content-Type
Content
text/html
Server Headers
1 headers
Server
Server
cloudflare
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
__cf_bm=EKAJTlPTeAn9HV5fSg42eSYioXJ3G_e5sfTDnFEtjus-1767330038.6713686-1.0.1.1-ofhIpHyJRGDg5C.RAfgddUiC4DVmzqpjuyMN.16IcUh2.odS4kQxgeedW91OhZngvafe0XPtmP2RXZFbrqYnbKag81_.JXOVpNsdyLsqIpNVoBb6xTHvmG1RfQCSuoEl; HttpOnly; Secure; Path=/; Domain=rain.com; Expires=Fri, 02 Jan 2026 05:30:38 GMT
Other Headers
5 headers
Alt-Svc
Other
h3=":443"; ma=86400
Cf-Cache-Status
Other
DYNAMIC
Cf-Ray
Other
9b77b1a5bae9e646-IAD
Date
Other
Fri, 02 Jan 2026 05:00:38 GMT
Link
Other
</main.a8437e2cd0a40910e7db.js>; rel=preload; as=script, </main.f5103442a8595dac2eef.css>; rel=preload; as=style, </static/landing-web/2025.12.22-build-0/remoteEntry.js>; rel=preload; as=script, </static/landing-web/2025.12.22-build-0/501.a33be75e3bf4508d1214.js>; rel=preload; as=script, </static/landing-web/2025.12.22-build-0/141.a33be75e3bf4508d1214.js>; rel=preload; as=script, <https://static.cloudflareinsights.com/beacon.min.js>; rel=preload; as=script, </static/landing-web/2025.12.22-build-0/501.7ee843f2641a9bcd9a5b.css>; rel=preload; as=style, </static/landing-web/2025.12.22-build-0/141.32809c844c05b5da8ab3.css>; rel=preload; as=style, </static/landing-web/2025.12.22-build-0/locales/en/dictionary.json>; rel=preload; as=fetch; crossorigin, </static/fonts/v1/Graphik-Regular-Web.woff2>; rel=preload; as=font; type="font/woff2"; crossorigin, </static/fonts/v1/TiemposHeadline-Light.woff2>; rel=preload; as=font; type="font/woff2"; crossorigin, <https://static.rain.com>; rel="dns-prefetch", <https://images.ctfassets.net>; rel="dns-prefetch"
Recommendations
Enable compression (gzip/brotli) to improve performance
Add Cache-Control header to optimize caching