| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| Connection | keep-alive |
| X-Content-Type-Options | nosniff |
| Etag | "4b757822c638ba06787047ef9e032d01-gzip" |
| Vary | Accept-Encoding |
| Strict-Transport-Security | max-age=300; includeSubDomains; preload |
| Cache-Control | max-age=600, public |
| X-Xss-Protection | 1 |
| X-Frame-Options | sameorigin |
| Date | Sat, 19 Apr 2025 01:19:19 GMT |
| Content-Type | text/html; charset=UTF-8 |
| Content-Security-Policy | default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://fastly.boarshead.com *.typekit.net ajax.googleapis.com *.addthis.com www.googletagmanager.com www.googleadservices.com www.google-analytics.com www.bugherd.com *.facebook.net *.facebook.com www.google-analytics.com *.chartbeat.com *.pinterest.com *.youtube.com *.serving-sys.com *.ytimg.com a248.e.akamai.net dnn506yrbagrg.cloudfront.net *.addthisedge.com *.twitter.com *.newrelic.com cdn.ampproject.org *.google.com *.nr-data.net hosted.where2stageit.com *.omnivirt.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://edge.marker.io https://marker.io *.pinimg.com *.chicoryapp.com chicoryapp.com *.quantserve.com *.quantcount.com *.cookielaw.org *.onetrust.com *.blob.core.windows.net *.moatads.com cdnjs.cloudflare.com https://cdn.tiny.cloud *.ensighten.com *.adsrvr.org *.pdst.fm *.spotify.com *.spotifycdn.com https://analytics.tiktok.com *.addtoany.com *.gstatic.com code.jquery.com https://*.bugherd.com; font-src 'self' data: *.typekit.net *.gstatic.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://marker.io https://edge.marker.io *.onetrust.com https://fastly.boarshead.com; style-src 'self' 'unsafe-inline' https://fastly.boarshead.com tagmanager.google.com fonts.googleapis.com *.myfonts.net *.onetrust.com *.typography.com https://cdn.tiny.cloud *.typekit.net *.googletagmanager.com; img-src 'self' blob: data: https://fastly.boarshead.com *.typekit.net www.google-analytics.com *.facebook.com *.chartbeat.net *.ytimg.com img.youtube.com *.adsrvr.org *.pinterest.com *.doubleclick.net *.gstatic.com *.google.com loadm.exelator.com ib.adnxs.com odr.mookie1.com tags.rd.linksynergy.com image2.pubmatic.com i.liadm.com io.narrative.io dmp.truoptik.com e.nexac.com match.sharethrough.com pixel.advertising.com pixel.tapad.com ads.scorecardresearch.com x.bidswitch.net adadvisor.net t.mookie1.com *.boarshead.com boarshead.com load77.exelator.com *.cdninstagram.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://media.marker.io https://marker.io https://edge.marker.io *.mathtag.com *.quantserve.com *.cookielaw.org *.twitter.com https://sp.tinymce.com/ *.docker.localhost/ https://www.googletagmanager.com https://boarshead.s3.us-west-2.amazonaws.com; connect-src 'self' performance.typekit.net *.facebook.com *.addthis.com www.googletagmanager.com *.boarshead.com *.google-analytics.com http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com https://api.marker.io https://ssr.marker.io https://*.pinterest.com chicoryapp.com *.chicoryapp.com *.cookielaw.org *.blob.core.windows.net *.onetrust.com *.doubleclick.net *.nr-data.net *.cloudfunctions.net https://adservice.google.com https://www.google.com *.sentry.io https://analytics.tiktok.com https://pixels.spotify.com; frame-src 'self' *.youtube.com *.addthis.com *.twitter.com *.facebook.com *.facebook.net *.doubleclick.net *.google.com locations.boarshead.com *.omnivirt.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://marker.io/ *.chicoryapp.com chicoryapp.com https://app.marker.io *.pinterest.com https://*.pinterest.com https://*.adsrvr.org https://ct.pinterest.com https://*.adsrvr.org https://*.spotify.com https://static.addtoany.com; child-src https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://marker.io; media-src 'self' blob: *.vimeo.com download-video.akamaized.net gcs-vimeo.akamaized.net *.vimeocdn.com *.omnivirt.com *.youtube.com vod-progressive.akamaized.net https://media.marker.io https://marker.io https://marker.io https://edge.marker.io https://boarshead.s3.us-west-2.amazonaws.com; object-src 'self'; form-action *; report-uri https://boarshead.endpoint.csper.io; |
| Set-Cookie | boars_head_rebuild_session=eyJpdiI6Ik5BOWVsdHdFWUdSV0ducnEzN1J4VHc9PSIsInZhbHVlIjoidjhya1ZmaGs0anBjQlJZN256THRkaythOUxSbUMzb0lTaFIzWTRwQVJ4V3VVclplU29DWDZ4cmwrRitqMEh4aTErUzBFaEJqU3JxOEJXaUpQSkFxa3ZVcXdwR3U1RTc1bzVmWUYyQW9Md0NHcVFzSmExb1FDdWFZeGtTamlKT3EiLCJtYWMiOiI4ZDA2NzRlNGE0MDEwMDk3ZDY1NDZlMzllYjY0MmQ3NzhlODNjNjQxNmMxNDBiY2JiMWE3MTE1YTFhYzU4ZmNiIiwidGFnIjoiIn0%3D; expires=Sat, 19-Apr-2025 03:19:19 GMT; Max-Age=7200; path=/; httponly; samesite=lax |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar