Open
Cached
·
3h ago
25
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Weak
upgrade-insecure-requests
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Good
no-referrer-when-downgrade
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Significantly strengthen CSP directives
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Consider adding Permissions-Policy to control browser features
Performance Headers
2 headers
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Caching Headers
2 headers
Cache-Control
Caching
s-maxage=36000, max-age=5
Last-Modified
Caching
Fri, 23 Jan 2026 00:11:24 GMT
Content Headers
1 headers
Content-Type
Content
text/html; charset=UTF-8
Server Headers
1 headers
Server
Server
cloudflare
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
_cfuvid=7p.IpgEScVs7hDd6nnazGbP185GvYi96GJYpWIYR1NM-1769196204804-0.0.1.1-604800000; path=/; domain=.www.xponential.com; HttpOnly; Secure; SameSite=None
Other Headers
15 headers
Alt-Svc
Other
h3=":443"; ma=86400
Cf-Ray
Other
9c29aa57aca4c97b-IAD
Date
Other
Fri, 23 Jan 2026 19:23:24 GMT
Edge-Cache-Tag
Other
CT-79866540374,P-6406677,W-1658538749264,W-1658787676735,W-1658797269999,W-1660768013931,W-1660945321164,W-1660976459024,W-1769112081921,W-79872194485,W-82715837267,W-85104963628,CW-205683544925,CW-79752776832,CW-79981424030,CW-79983797790,CW-80160527932,CW-82057725365,CW-82487195213,CW-82511329299,E-116645748867,E-116647846492,E-205599882071,E-52864119589,E-79881769117,E-81465465231,E-87930039927,MENU-79872194485,MENU-82715837267,MENU-85104963628,PGS-ALL,SW-2,GC-85104963967
Link
Other
</hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js>; rel=preload; as=script,<https://www.xponential.com/hubfs/hub_generated/template_assets/1/116645748867/1742875941727/template_styles.min.css>; rel=preload; as=style,<https://www.xponential.com/hubfs/hub_generated/module_assets/1/79981424030/1742938868789/module_nav-cli.min.css>; rel=preload; as=style,<https://www.xponential.com/hubfs/hub_generated/module_assets/1/79983797790/1742938871214/module_hero-cli.min.css>; rel=preload; as=style,<https://www.xponential.com/hubfs/hub_generated/module_assets/1/80160527932/1742938878684/module_content-block-cli.min.css>; rel=preload; as=style,<https://www.xponential.com/hubfs/hub_generated/module_assets/1/205683544925/1769113874111/module_MH_image-hover-gallery-cli_copy.min.css>; rel=preload; as=style,<https://www.xponential.com/hubfs/hub_generated/module_assets/1/82487195213/1742938945737/module_experience-blocks-cli.min.css>; rel=preload; as=style
Nel
Other
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Report-To
Other
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FR9JOVMwCs2kr3r6cF9tfIKdbXpug%2FBHanHI1CNhYvVnCApeUupxgkUA6XmIDwAsJGDqhOzypmPJ1TDgMYOggElgz6Qa0g6MmD1ElMW7%2Bv5vyEr%2BcGpsakF94Id0h6WqmXq6cA%3D%3D"}],"group":"cf-nel","max_age":604800}
X-Hs-Cache-Config
Other
BrowserCache-5s-EdgeCache-180s
X-Hs-Cache-Control
Other
s-maxage=36000, max-age=0
X-Hs-Cf-Cache-Status
Other
HIT
X-Hs-Cfworker-Meta
Other
{"contentType":"SITE_PAGE","resolver":"PreRenderedContentResolver"}
X-Hs-Content-Id
Other
79866540374
X-Hs-Hub-Id
Other
6406677
X-Hs-Portal-Id
Other
6406677
X-Hs-Prerendered
Other
Fri, 23 Jan 2026 00:11:24 GMT
Recommendations
Enable compression (gzip/brotli) to improve performance