16 Headers

HTTP Security Headers

Status
Strict-Transport-Security
Good
max-age=31536000; includeSubDomains
Content-Security-Policy
Basic
base-uri; form-action; frame-ancestors; +6 more Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer
Permissions-Policy
Missing
Not configured
Recommendations
  • Consider adding 'preload' to HSTS for maximum security
  • Improve CSP by adding more specific directives and removing 'unsafe-inline'
  • Consider adding Permissions-Policy to control browser features

Performance Headers

Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
Accept-Encoding

Caching Headers

Etag
Caching
W/"6358-cTZYYF77fEZSWflv33fRKarbmuI"

Content Headers

Content-Type
Content
text/html; charset=utf-8

Server Headers

No server headers found

CORS Headers

No CORS headers found

Cookies Headers

No cookies headers found

Other Headers

Date
Other
Sat, 18 Jul 2026 20:37:26 GMT
Feature-Policy
Other
geolocation 'none';microphone 'none';camera 'none';payment 'none'
X-Content-Security-Policy
Other
base-uri 'self'; form-action 'self'; frame-ancestors 'self'; font-src 'self' data: https://fonts.gstatic.com getbeamer.com static.getbeamer.com app.getbeamer.com functions.getbeamer.com backend.getbeamer.com push.getbeamer.com; style-src 'self' 'unsafe-inline' fast.appcues.com producttourtool.jfrog.io api.appcues.net https://fonts.googleapis.com https://fonts.google.com getbeamer.com static.getbeamer.com app.getbeamer.com functions.getbeamer.com backend.getbeamer.com push.getbeamer.com; worker-src 'self' blob:; img-src 'self' data: getbeamer.com static.getbeamer.com app.getbeamer.com functions.getbeamer.com backend.getbeamer.com push.getbeamer.com https://*.appcues.com https://*.appcues.net res.cloudinary.com cdn.jsdelivr.net qwak-public.s3.amazonaws.com https://cdn-avatars.qwak.ai; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com youtube.com www.youtube.com fast.appcues.com api.appcues.net producttourtool.jfrog.io getbeamer.com static.getbeamer.com app.getbeamer.com functions.getbeamer.com backend.getbeamer.com push.getbeamer.com https://*.chilipiper.com fullstory.com edge.fullstory.com 'nonce-voORXtskCmobsqFUDZRsqw=='; frame-src 'self' youtube.com www.youtube.com fast.appcues.com producttourtool.jfrog.io https://www.youtube-nocookie.com https://player.vimeo.com getbeamer.com static.getbeamer.com app.getbeamer.com functions.getbeamer.com backend.getbeamer.com push.getbeamer.com https://*.chilipiper.com
X-Request-Id
Other
c3da8cf8177fa53f36629c1e8971da2c:0123456789101114:0123456789101114:0
X-Webkit-Csp
Other
base-uri 'self'; form-action 'self'; frame-ancestors 'self'; font-src 'self' data: https://fonts.gstatic.com getbeamer.com static.getbeamer.com app.getbeamer.com functions.getbeamer.com backend.getbeamer.com push.getbeamer.com; style-src 'self' 'unsafe-inline' fast.appcues.com producttourtool.jfrog.io api.appcues.net https://fonts.googleapis.com https://fonts.google.com getbeamer.com static.getbeamer.com app.getbeamer.com functions.getbeamer.com backend.getbeamer.com push.getbeamer.com; worker-src 'self' blob:; img-src 'self' data: getbeamer.com static.getbeamer.com app.getbeamer.com functions.getbeamer.com backend.getbeamer.com push.getbeamer.com https://*.appcues.com https://*.appcues.net res.cloudinary.com cdn.jsdelivr.net qwak-public.s3.amazonaws.com https://cdn-avatars.qwak.ai; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com youtube.com www.youtube.com fast.appcues.com api.appcues.net producttourtool.jfrog.io getbeamer.com static.getbeamer.com app.getbeamer.com functions.getbeamer.com backend.getbeamer.com push.getbeamer.com https://*.chilipiper.com fullstory.com edge.fullstory.com 'nonce-voORXtskCmobsqFUDZRsqw=='; frame-src 'self' youtube.com www.youtube.com fast.appcues.com producttourtool.jfrog.io https://www.youtube-nocookie.com https://player.vimeo.com getbeamer.com static.getbeamer.com app.getbeamer.com functions.getbeamer.com backend.getbeamer.com push.getbeamer.com https://*.chilipiper.com

Recommendations

Enable compression (gzip/brotli) to improve performance

Add Cache-Control header to optimize caching