| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| Content-Type | text/html |
| X-Cache | Hit from cloudfront |
| Vary | Accept-Encoding |
| Content-Security-Policy | frame-ancestors 'self' https://www.google.com/; default-src https: 'unsafe-eval' 'unsafe-inline' 'self' http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com; font-src 'self' https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' https: blob:; connect-src 'self' https://api.hsforms.com https://bat.bing.net https://z.omappapi.com https://www.google-analytics.com https://tracking-api.g2.com https://aplo-evnt.com https://tracking-api.production.g2.com/attribution_tracking/conversions/assign https://api.factors.ai/sdk/event/update_properties https://api.factors.ai/sdk/event/track https://api.factors.ai/sdk/user/add_properties https://api.factors.ai/sdk/get_info https://www.google.com/ccm/collect https://forms.hscollectedforms.net/collected-forms/v1/config/json https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json https://api.identitymatrix.ai/tracking/collect https://a.omappapi.com/ https://bat.bing.com/ https://metrics.hotjar.io/ https://google.com/ccm/form-data/936575551 https://analytics.google.com https://pixel-config.reddit.com/pixels/t2_tc9ivusr/config https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_tc9ivusr_telemetry https://conversions-config.reddit.com/v1/pixel/error wss://ws.hotjar.com https://px.ads.linkedin.com/attribution_trigger https://px.ads.linkedin.com/wa/ https://content.hotjar.io https://vc.hotjar.io https://stats.g.doubleclick.net https://orders.resilio.com https://api-iam.intercom.io https://global.sitesearch360.com https://insights.sitesearch360.com https://ws.zoominfo.com https://google.com/pagead/form-data/936575551 https://tracking.g2crowd.com https://api.omappapi.com https://js.zi-scripts.com https://region1.analytics.google.com wss://nexus-websocket-a.intercom.io; img-src 'self' https: data: |
| Via | 1.1 2b4f91feaec910b23d827812b244c812.cloudfront.net (CloudFront) |
| X-Amz-Cf-Pop | AMS58-P3 |
| Alt-Svc | h3=":443"; ma=86400 |
| X-Amz-Version-Id | JmlfVxMnRJpD8M5lfuP9eHiPsTY0_cmS |
| Server | AmazonS3 |
| Etag | W/"b15bfa2a68f87d28375d56696d71290d" |
| X-Amz-Cf-Id | GEGv9ClTYSsAFicqG5FFInb-gwnQjmo5vh0vvmQgLHpgrAtPBiAljw== |
| Date | Mon, 07 Apr 2025 23:56:52 GMT |
| Last-Modified | Sun, 06 Apr 2025 23:20:18 GMT |
| X-Content-Type-Options | nosniff |
| Referrer-Policy | same-origin |
| Strict-Transport-Security | max-age=31536000; includeSubDomains |
| Connection | keep-alive |
| X-Amz-Request-Id | 3CPN5E3KBFNCBZ3X |
| X-Xss-Protection | 1; mode=block |
| Age | 52407 |
| X-Amz-Id-2 | 2Rtck1O13djp6hGQHi3G+O29xDUgGzvFXdn95hMCgFSFYcPQ9a+LfCz1CWnFPLC//utnnf8MwO8= |
| X-Frame-Options | sameorigin |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar