Open
Cached
·
just now
25
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=63072000; includeSubDomains; preload
Content-Security-Policy
Basic
default-src; script-src; worker-src; +9 more
default-src 'self' https://*.cloudfront.net https://cdn.wolfia.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.sentry-cdn.com https://apis.google.com https://accounts.google.com https://connect.nango.dev https://us-assets.i.posthog.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://cdn.wolfia.com https://cookiechimp.com https://cdn.jsdelivr.net https://app.chatwoot.com https://cdn.vector.co https://d-code.liadm.com https://*.usbrowserspeed.com; worker-src 'self' blob: https://cdnjs.cloudflare.com https://*.cloudfront.net https://cdn.wolfia.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://rsms.me https://*.cloudfront.net https://cdn.wolfia.com https://cdn.jsdelivr.net; img-src 'self' data: https://*.googleusercontent.com https://*.randomuser.me https://*.amazonaws.com https://*.cloudfront.net https://cdn.wolfia.com https://us-assets.i.posthog.com https://us.i.posthog.com https://workoscdn.com https://*.liadm.com https://*.logo.dev; font-src 'self' https://fonts.gstatic.com https://rsms.me https://*.cloudfront.net https://cdn.wolfia.com; connect-src 'self' https://api.wolfia.com https://api-dev.wolfia.com wss://api.wolfia.com wss://api-dev.wolfia.com *.sentry.io https://api.nango.dev https://us.i.posthog.com https://us-assets.i.posthog.com *.amazonaws.com https://*.cloudfront.net https://cookiechimp.com https://app.chatwoot.com wss://app.chatwoot.com https://cdn.jsdelivr.net https://*.mesh-interactive.com https://api.withmesh.com https://api.ipify.org https://*.usbrowserspeed.com https://d-code.liadm.com https://*.liadm.com https://api.vector.co https://pro.ip-api.com https://graph.microsoft.com https://*.sharepoint.com; frame-ancestors 'none'; frame-src 'self' https://connect.nango.dev https://docs.google.com *.amazonaws.com https://cookiechimp.com https://app.chatwoot.com https://*.liadm.com; manifest-src 'self' https://*.cloudfront.net https://cdn.wolfia.com; base-uri 'self'; form-action 'self' https://*.sharepoint.com
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
camera=(), microphone=(), geolocation=(), payment=()
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
Performance Headers
2 headers
Connection
Performance
close
Vary
Performance
Origin
Caching Headers
2 headers
Cache-Control
Caching
public, s-maxage=60, stale-while-revalidate=300
Etag
Caching
"11eepcse4hdewa"
Content Headers
2 headers
Content-Length
Content
19314
Content-Type
Content
text/html; charset=utf-8
Server Headers
0 headers
No server headers found
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
AWSALBCORS=1NhyJucdpyi+QTm8Rx20FQjoWf1Ghj7bECJWPom7TPBXcENix8potIdZTjFHkY0JDipSka4UEN5PQDH8wqBlZewcD/BDN11F373yuiztXl/mAgqxWwLk2grf3sgu; Expires=Tue, 06 Jan 2026 00:23:15 GMT; Path=/; SameSite=None; Secure
Other Headers
9 headers
Alt-Svc
Other
h3=":443"; ma=86400
Date
Other
Tue, 30 Dec 2025 00:23:15 GMT
Via
Other
1.1 d53e1a749c7769e8c1e1cc4b5cd6ae7c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
Other
iINAzUFP4ofS_t0lJZBFGafEn8cbG002U1-6Uje2REC4WU1pVeYLUQ==
X-Amz-Cf-Pop
Other
IAD55-P9
X-Cache
Other
Miss from cloudfront
X-Ratelimit-Limit
Other
200
X-Ratelimit-Remaining
Other
199
X-Ratelimit-Reset
Other
1767054255474
Recommendations
Enable compression (gzip/brotli) to improve performance