| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| X-Nextjs-Prerender | 1 |
| X-Xss-Protection | 1; mode=block |
| Content-Type | text/html; charset=utf-8 |
| Cf-Cache-Status | DYNAMIC |
| Age | 288565 |
| X-Matched-Path | / |
| Referrer-Policy | same-origin |
| Server | cloudflare |
| Cf-Ray | 932a43606b2f57f0-AMS |
| Set-Cookie | wv_g_rfr=https%3A%2F%2Fgetweave.com%2F; Path=/; Expires=Mon, 19 May 2025 06:14:42 GMT; Max-Age=2592000 |
| Strict-Transport-Security | max-age=63072000 |
| Permissions-Policy | geolocation=(self),microphone=(),midi=(),sync-xhr=(),magnetometer=(),fullscreen=(self), camera=() |
| Content-Security-Policy | default-src 'self' 'unsafe-inline' blob: data: *.getweave.com *.pantheonsite.io *.vercel.app vercel.live *.vercel.com vercel.com vitals.vercel-insights.com *.google.com *.googleusercontent.com *.google-analytics.com *.googletagmanager.com *.analytics.google.com *.googleadservices.com googleads.g.doubleclick.net *.doubleclick.net fonts.gstatic.com storage.googleapis.com *.wistia.com *.wistia.net embedwistia-a.akamaihd.net embed-ssl.wistia.com *.mux.com *.litix.io *.youtube.com i.ytimg.com/ tracking.g2crowd.com *.krxd.net *.facebook.net *.facebook.com server-side-tagging-pspp4zgo4q-uc.a.run.app alb.reddit.com pixel-config.reddit.com/pixels/ *.redditstatic.com dpm.demdex.net/ analytics.pangle-ads.com/api/ analytics.tiktok.com dsum-sec.casalemedia.com/ *.addthis.com/ uipglob.semasio.net/ *.bidswitch.net/ open.spotify.com usermatch.krxd.net/ *.analytics.yahoo.com https://analytics.tiktok.com q.quora.com cdn.linkedin.oribi.io px.ads.linkedin.com *.liadm.com t.co ads-twitter.com static.ads-twitter.com ads-api.twitter.com analytics.twitter.com *.acsbapp.com acsbapp.com tags.bluekai.com *.steelhousemedia.com https://sockjs-mt1.pusher.com/ insight.adsrvr.org match.adsrvr.org p.adsymptotic.com assets.adobetm.com *.qualified.com wss://ws.qualified.com *.taboola.com *.clarity.ms *.bing.com https://*.fls.doubleclick.net https://bid.g.doubleclick.net https://vimeo.com/ https://player.vimeo.com/ ws: https://35.85.84.151/ https://44.238.122.172/ https://100.20.58.101/ https://44.228.85.26/ https://34.215.155.61/ https://35.160.46.251/ hooks.zapier.com *.yimg.com cdn.cookielaw.org stats.g.doubleclick.net https://sockjs-mt1.pusher.com/ wss://ws-mt1.pusher.com/ *.growthbook.io https://sweepwidget.com/ https://sweepwidgethosts.fra1.cdn.digitaloceanspaces.com/ ws-assets.zoominfo.com/formcomplete.js api.schedule.zoominfo.com js.zi-scripts.com ws.zoominfo.com tags.clickagy.com aorta.clickagy.com hemsync.clickagy.com www.cloudflare.com/cdn-cgi/ trail.grin.co/ user-images.trustpilot.com ik.imagekit.io/senja ui-avatars.com/api senja-lh3.b-cdn.net reviews.capterra.com/cdn/profile-images cdn0.capterra-static.com images.g2crowd.com *.nextdoor.com *.evergage.com/; style-src 'self' vercel.live/fonts 'unsafe-inline' https://fonts.googleapis.com hello.myfonts.net https://www.googletagmanager.com/debug/badge.css blob: https://fast.wistia.com https://goto.getweave.com fonts.googleapis.com; script-src 'self' blob: 'unsafe-eval' 'unsafe-inline' *.gstatic.com *.g2crowd.com *.bing.com *.dialogtech.com *.cloudfront.net https://s.yimg.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com https://googleads.g.doubleclick.net *.google.com https://www.googleanalytics.com https://analytics.tiktok.com https://cdn.cookielaw.org https://js.drift.com connect.facebook.net *.qualified.com *.mountain.com *.redditstatic.com static.ads-twitter.com snap.licdn.com assets.adobedtm.com insight.adsrvr.org https://polyfill.io vitals.vercel-insights.com vercel.live/ vercel.com https://fast.ssqt.io *.vercel-scripts.com js.zi-scripts.com ws.zoominfo.com tags.clickagy.com *.acsbapp.com https://acsbapp.com https://*.clarity.ms https://va.vercel-scripts.com/v1/script.debug.js https://goto.getweave.com *.taboola.com *.nextdoor.com *.wistia.com *.wistia.net src.litix.io *.sentry-cdn.com https://www.youtube.com/ https://player.vimeo.com/ https://sweepwidget.com/w/j/w_init.js https://sweepwidget.com/external/ui/iframe/js/iframeResizer.js a.quora.com/qevents.js goto.getweave.com/js/forms2/js/forms2.min.js js.zi-scripts.com ws-assets.zoominfo.com schedule.zoominfo.com cdn.evgnet.com/ cdn.evergage.com/ |
| X-Frame-Options | SAMEORIGIN |
| Date | Sat, 19 Apr 2025 06:14:42 GMT |
| Access-Control-Allow-Origin | * |
| Cache-Control | public, s-maxage=3600, stale-while-revalidate=59 |
| Vary | accept-encoding |
| X-Nextjs-Stale-Time | 4294967294 |
| X-Vercel-Cache | HIT |
| X-Vercel-Id | fra1::xgtgw-1745043282024-ca5a974586a8 |
| Connection | keep-alive |
| Content-Disposition | inline |
| X-Content-Type-Options | nosniff |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar