| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| X-Permitted-Cross-Domain-Policies | none |
| X-Request-Id | ad3a6ba4-c853-46d3-a049-e1640edc9eaa |
| Referrer-Policy | origin-when-cross-origin, strict-origin-when-cross-origin |
| Etag | W/"92cf69d1c20c22b5e13178884e4f3a36" |
| Expires | Fri, 01 Jan 1990 00:00:00 GMT |
| Server | nginx |
| Set-Cookie | ahoy_visitor=cd46c048-01f8-43ca-9fc6-1a07a4b126c2; path=/; expires=Mon, 05 Apr 2027 22:31:08 GMT; SameSite=Lax; secure; HttpOnly |
| Strict-Transport-Security | max-age=631138519 |
| X-Frame-Options | DENY |
| X-Runtime | 0.031582 |
| Date | Sat, 05 Apr 2025 22:31:08 GMT |
| Content-Security-Policy | default-src 'none'; base-uri 'self' docs.helpscout.net; block-all-mixed-content; child-src 'self' assets.braintreegateway.com assets.rescuetime.com assets-dev.rescuetime.com c.paypal.com www.youtube.com player.vimeo.com fast.wistia.net moz-extension://* chrome-extension://*; connect-src 'self' www.rescuetime.com dev.rescuetime.com d3ccrbqtj64zhq.cloudfront.net support-media.rescuetime.com d1tc833ex4oc93.cloudfront.net assets.rescuetime.com assets-dev.rescuetime.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.sandbox.braintreegateway.com client-analytics.braintreegateway.com *.braintree-api.com *.paypal.com www.google-analytics.com connect.facebook.net www.facebook.com ysxtsrzt2b4s.statuspage.io rescuetime.helpscoutdocs.com secure.helpscout.net api.ipify.org beaconapi.helpscout.net chatapi.helpscout.net d3hb14vkzrxvla.cloudfront.net stats.g.doubleclick.net *.sumologic.com sentry.io *.ingest.sentry.io *.sentry-cdn.com wss: wss://*.pusher.com slack.com *.asana.com trello.com *.atlassian.com github.com *.google.com exist.io *.visualwebsiteoptimizer.com app.vwo.com logo.clearbit.com *.ubembed.com *.userleap.com *.sprig.com *.usersnap.com *.gist.build blog.rescuetime.com *.fontawesome.com *.getharvest.com; font-src 'self' data: d1tc833ex4oc93.cloudfront.net www.rescuetime.com dev.rescuetime.com assets.rescuetime.com assets-dev.rescuetime.com fonts.gstatic.com app.vwo.com *.ubembed.com *.userleap.com *.sprig.com *.usersnap.com *.gist.build *.fontawesome.com; form-action 'self' www.rescuetime.com dev.rescuetime.com community.rescuetime.com blog.rescuetime.com *.welltory.com slack.com *.asana.com trello.com *.atlassian.com github.com *.github.com google.com *.google.com *.microsoftonline.com twitter.com *.twitter.com facebook.com *.facebook.com linkedin.com *.linkedin.com spotify.com *.spotify.com getharvest.com *.getharvest.com; frame-ancestors moz-extension://* chrome-extension://*; frame-src 'self' www.rescuetime.com dev.rescuetime.com d3ccrbqtj64zhq.cloudfront.net support-media.rescuetime.com d1tc833ex4oc93.cloudfront.net assets.rescuetime.com assets-dev.rescuetime.com assets.braintreegateway.com *.paypal.com djtflbt20bdde.cloudfront.net beacon-v2.helpscout.net platform.twitter.com www.googletagmanager.com www.google.com bid.g.doubleclick.net *.facebook.com tst.kaptcha.com ssl.kaptcha.com www.youtube.com moz-extension://* chrome-extension://* ifttt.com *.vimeo.com app.vwo.com *.ubembed.com *.userleap.com *.sprig.com *.usersnap.com *.userreport.com *.gist.build; img-src 'self' www.rescuetime.com dev.rescuetime.com data: d3ccrbqtj64zhq.cloudfront.net support-media.rescuetime.com d1tc833ex4oc93.cloudfront.net assets.rescuetime.com assets-dev.rescuetime.com assets.braintreegateway.com *.paypal.com platform.twitter.com pbs.twimg.com www.google-analytics.com connect.facebook.net *.facebook.com d33v4339jhl8k0.cloudfront.net moz-extension://* chrome-extension://* via.placeholder.com ifttt.com api.producthunt.com zapier.com cdn.zapier.com www.google.com googleads.g.doubleclick.net *.adsymptotic.com *.visualwebsiteoptimizer.com *.ads.linkedin.com app.vwo.com track.customer.io secure.gravatar.com logo.clearbit.com *.ubembed.com *.userleap.com *.sprig.com *.usersnap.com *.scdn.co *.userreport.com *.gist.build *.spotify.com *.spotifycdn.com; manifest-src 'self'; media-src 'self' www.rescuetime.com dev.rescuetime.com beacon-v2.helpscout.net support-media-storage.s3.amazonaws.com d3ccrbqtj64zhq.cloudfront.net support-media.rescuetime.com d1tc833ex4oc93.cloudfront.net assets.rescuetime.com assets-dev.rescuetime.com; object-src 'self' www.rescuetime.com dev.rescuetime.com djtflbt20bdde.cloudfront.net beacon-v2.helpscout.net assets.rescuetime.com assets-dev.rescuetime.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' www.rescuetime.com dev.rescuetime.com d1tc833ex4oc93.cloudfront.net assets.rescuetime.com assets-dev.rescuetime.com js.braintreegateway.com assets.braintreegateway.com www.paypalobjects.com *.paypal.com d12wqas9hcki3z.cloudfront.net d33v4339jhl8k0.cloudfront.net djtflbt20bdde.cloudfront.net beacon-v2.helpscout.net cdn.ravenjs.com platform.twitter.com www.google-analytics.com www.googletagmanager.com www.google.com www.googleadservices.com googleads.g.doubleclick.net www.gstatic.com zapier.com connect.facebook.net dev.visualwebsiteoptimizer.com app.vwo.com cdn.rawgit.com player.vimeo.com assets.customer.io *.licdn.com *.ubembed.com *.userleap.com *.sprig.com *.usersnap.com *.sentry-cdn.com *.gist.build gist-queue-consumer-api.cloud.gist.build ajax.googleapis.com blog.rescuetime.com *.userreport.com *.fontawesome.com; style-src 'self' 'unsafe-inline' www.rescuetime.com dev.rescuetime.com d1tc833ex4oc93.cloudfront.net assets.rescuetime.com assets-dev.rescuetime.com fonts.googleapis.com beacon-v2.helpscout.net d12wqas9hcki3z.cloudfront.net djtflbt20bdde.cloudfront.net app.vwo.com *.ubembed.com *.userleap.com *.sprig.com *.usersnap.com *.gist.build *.fontawesome.com; upgrade-insecure-requests; worker-src blob:; report-uri https://www.rescuetime.com/csp-report |
| Content-Type | text/html; charset=utf-8 |
| Pragma | no-cache |
| Vary | Accept-Encoding |
| X-Download-Options | noopen |
| Link | <https://assets.rescuetime.com/assets/marketing-3013c15e21047e1ff4b4be2b34629fedfa56d05f6db33f69f1676c572c805885.css>; rel=preload; as=style; nopush,<https://assets.rescuetime.com/assets/marketing-5b09a934a226f56dfb87a20e8803ab82f46414b2b2285246c1b767cbacfe8321.js>; rel=preload; as=script; nopush,<https://assets.rescuetime.com/assets/se-v2-a056010f87ca672f0a909ca43e75de11707f4008385d97bfb2e196a5cdbd224f.js>; rel=preload; as=script; nopush,<https://assets.rescuetime.com/assets/statuspage-06cd6e57100e9031845821ddfa456a51ec6da863a5ea2db3883d2f196da3d5c4.css>; rel=preload; as=style; nopush |
| X-Content-Type-Options | nosniff |
| X-Rescuetime-Release-Version | 8f95cd19aac9097b1d95b188a7c5ef39d23e5ca3 |
| X-Xss-Protection | 1; mode=block |
| Connection | keep-alive |
| Cache-Control | no-store |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar