Open
Cached
·
just now
25
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=63072000; includeSubDomains; preload
Content-Security-Policy
Basic
default-src; script-src; worker-src; +9 more
default-src 'self' https://*.cloudfront.net https://cdn.wolfia.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.sentry-cdn.com https://apis.google.com https://accounts.google.com https://connect.nango.dev https://us-assets.i.posthog.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://cdn.wolfia.com https://cookiechimp.com https://cdn.jsdelivr.net https://app.chatwoot.com https://cdn.vector.co https://d-code.liadm.com https://*.usbrowserspeed.com; worker-src 'self' blob: https://cdnjs.cloudflare.com https://*.cloudfront.net https://cdn.wolfia.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://rsms.me https://*.cloudfront.net https://cdn.wolfia.com https://cdn.jsdelivr.net; img-src 'self' data: https://*.googleusercontent.com https://*.randomuser.me https://*.amazonaws.com https://*.cloudfront.net https://cdn.wolfia.com https://us-assets.i.posthog.com https://us.i.posthog.com https://workoscdn.com https://*.liadm.com https://*.logo.dev; font-src 'self' https://fonts.gstatic.com https://rsms.me https://*.cloudfront.net https://cdn.wolfia.com; connect-src 'self' https://api.wolfia.com https://api-dev.wolfia.com wss://api.wolfia.com wss://api-dev.wolfia.com *.sentry.io https://api.nango.dev https://us.i.posthog.com https://us-assets.i.posthog.com *.amazonaws.com https://*.cloudfront.net https://cookiechimp.com https://app.chatwoot.com wss://app.chatwoot.com https://cdn.jsdelivr.net https://*.mesh-interactive.com https://api.withmesh.com https://api.ipify.org https://*.usbrowserspeed.com https://d-code.liadm.com https://*.liadm.com https://api.vector.co https://pro.ip-api.com https://graph.microsoft.com https://*.sharepoint.com; frame-ancestors 'none'; frame-src 'self' https://connect.nango.dev https://docs.google.com *.amazonaws.com https://cookiechimp.com https://app.chatwoot.com https://*.liadm.com; manifest-src 'self' https://*.cloudfront.net https://cdn.wolfia.com; base-uri 'self'; form-action 'self' https://*.sharepoint.com
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
camera=(), microphone=(), geolocation=(), payment=()
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
Performance Headers
2 headers
Connection
Performance
close
Vary
Performance
Origin
Caching Headers
2 headers
Cache-Control
Caching
public, max-age=0, must-revalidate
Etag
Caching
"gvbgwl7q372r72"
Content Headers
2 headers
Content-Length
Content
128559
Content-Type
Content
text/html; charset=utf-8
Server Headers
0 headers
No server headers found
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
AWSALBCORS=RTCRS9Wm4IgoivLd2D5PQXwKfZPMDjPJErxuu0FyrpCv9m271S1HtSzridm7YDoRR5BGf2W6gAHpHTBDpnBuDCF67n/B2oxO41IRZI1NpubAQTOTE/gTFzLA2AB6; Expires=Wed, 07 Jan 2026 19:53:15 GMT; Path=/; SameSite=None; Secure
Other Headers
9 headers
Alt-Svc
Other
h3=":443"; ma=86400
Date
Other
Wed, 31 Dec 2025 19:53:15 GMT
Via
Other
1.1 250ea4ca8ce2f7eebcecc24867e5b22c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
Other
D5JnHiHBJXpnkk3nlqI6BLw8IK8TA5f_T6O3SxNFNyHfai7fpAiRkg==
X-Amz-Cf-Pop
Other
IAD61-P11
X-Cache
Other
Miss from cloudfront
X-Ratelimit-Limit
Other
200
X-Ratelimit-Remaining
Other
199
X-Ratelimit-Reset
Other
1767210855680
Recommendations
Enable compression (gzip/brotli) to improve performance