Open
Cached
·
just now
14
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=63072000; includeSubDomains; preload
Content-Security-Policy
Good
default-src; font-src; style-src; +5 more
default-src 'self' *.aisoftware.com *.capacity.com *.userpilot.io 127.0.0.1:36850 https://*.boxcloud.com https://surfly.com https://aisoftware-core-application-assets.s3.us-east-1.amazonaws.com https://aisoftware-recordings-prod.s3.amazonaws.com https://app.getbeamer.com/js/beamer-embed.js https://browser-intake-datadoghq.com; font-src 'self' data: use.typekit.net fonts.gstatic.com fonts.googleapis.com https://*.getbeamer.com; style-src 'self' 'unsafe-inline' *.aisoftware.com *.capacity.com *.userpilot.io fonts.googleapis.com https://surfly.com https://*.getbeamer.com https://*.google-analytics.com https://*.googletagmanager.com https://*.boxcloud.com https://browser-intake-datadoghq.com; img-src * data: cid: urn: blob: https://*.google-analytics.com https://*.googletagmanager.com https://browser-intake-datadoghq.com; script-src 'self' blob: 'sha256-iuvXKJJeJnio6fSzayKorIbh/3zigd8fq14oT821f/U=' 'sha256-hyjsy5KPO8ohFtNDlOK5LQJXjXquz/7wZmOjZwQVhec=' 'sha256-FzAh3M9C/8KMRmJc/j5Dqn7kMdZXqmsW3u5248nHRwY=' 'sha256-fxjOcoNR7xb63OlfQ9/5EJMedjiI2/XVXZVoxc6NcYQ=' 'sha256-9MDnmkDlmXeK8XS6beFBi8UEXaANwh6GNB3T3SGiSjM=' 'sha256-FW/rloxQxs80AhWMAd8b8C/dAOx/jPIdf4KWH+iInMs=' 'sha256-kGUQiECb7HTB3+cdt9SV9OGtiju37vTHScB5TlU3tzo=' *.capacity.com *.aisoftware.com *.capacity.com *.userpilot.io use.typekit.net https://*.getbeamer.com https://*.googletagmanager.com https://*.boxcloud.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://surfly.com https://browser-intake-datadoghq.com; connect-src 'self' data: *.files.capacity.com *.aisoftware.com *.capacity.com *.textel.net *.userpilot.io *.googleapis.com wss://*.capacity.com wss://*.userpilot.io wss://127.0.0.1:36850 ws://127.0.0.1:36849 wss://foundation-na-signalr.service.signalr.net foundation-na-signalr.service.signalr.net https://*.getbeamer.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.boxcloud.com https://s3.amazonaws.com https://o171589.ingest.sentry.io http://aisoftware-concierge-kill-switch.s3-website-us-east-1.amazonaws.com https://surfly.com
https://browser-intake-datadoghq.com; frame-src * 'self'; frame-ancestors 'self' *.capacity.com *.external.capacity.com *.userpilot.io https://*.niceincontact.com https://*.incontact.com https://*.office.com https://*.boxcloud.com https://browser-intake-datadoghq.com https://*.five9.com https://surfly.com https://app.getbeamer.com https://apps.mypurecloud.com https://niceincontact.com https://incontact.com https://mail.google.com https://office.com https://zendesk.com https://five9.com
https://browser-intake-datadoghq.com;
X-Frame-Options
Excellent
deny
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Strengthen CSP by removing 'unsafe-eval'
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
Performance Headers
2 headers
Accept-Ranges
Performance
bytes
Connection
Performance
Close
Caching Headers
3 headers
Cache-Control
Caching
public, max-age=0
Etag
Caching
W/"1b51-19b34b5e6d8"
Last-Modified
Caching
Fri, 19 Dec 2025 03:44:55 GMT
Content Headers
2 headers
Content-Length
Content
6993
Content-Type
Content
text/html; charset=UTF-8
Server Headers
0 headers
No server headers found
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
jane_webui_token=; Domain=webui.capacity.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
Other Headers
1 headers
Date
Other
Mon, 22 Dec 2025 03:33:49 GMT
Recommendations
Enable compression (gzip/brotli) to improve performance
Analysis completed in 210ms