| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| X-Cache-Status | HIT from content-cache-il3/1 |
| Accept-Ranges | bytes |
| Content-Security-Policy | default-src 'self'; img-src data: blob: *; script-src-elem 'self' assets.ubuntu.com www.google-analytics.com www.googletagmanager.com dev.visualwebsiteoptimizer.com www.youtube.com asciinema.org player.vimeo.com script.crazyegg.com w.usabilla.com munchkin.marketo.net serve.nrich.ai ml314.com scout-cdn.salesloft.com snippet.maze.co www.googleadservices.com js.zi-scripts.com *.g.doubleclick.net www.google.com www.gstatic.com *.googlesyndication.com js.stripe.com d3js.org www.brighttalk.com cdnjs.cloudflare.com static.ads-twitter.com *.cdn.digitaloceanspaces.com www.redditstatic.com snap.licdn.com connect.facebook.net jspm.dev cdn.livechatinc.com api.livechatinc.com secure.livechatinc.com www.tfaforms.com api.usabilla.com *.cloudfront.net 'unsafe-inline'; font-src 'self' assets.ubuntu.com cdn.livechatinc.com secure.livechatinc.com fonts.google.com; script-src 'self' blob: 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' *.googlesyndication.com www.google.com ubuntu.com analytics.google.com www.googletagmanager.com sentry.is.canonical.com www.google-analytics.com *.crazyegg.com scout.salesloft.com *.g.doubleclick.net js.zi-scripts.com *.mktoresp.com prompts.maze.co *.google-analytics.com pixel-config.reddit.com www.redditstatic.com conversions-config.reddit.com px.ads.linkedin.com ws.zoominfo.com api.livechatinc.com cdn.livechatinc.com secure.livechatinc.com youtube.com google.com fonts.google.com api.text.com; frame-src 'self' *.doubleclick.net www.youtube.com/ asciinema.org player.vimeo.com js.stripe.com www.googletagmanager.com www.google.com www.brighttalk.com cdn.livechatinc.com secure.livechatinc.com cdn.livechat-static.com *.cloudfront.net app3.trueability.com app.trueability.com; style-src *.cloudfront.net 'self' 'unsafe-inline'; media-src 'self' res.cloudinary.com cdn.livechatinc.com secure.livechatinc.com cdn.livechat-static.com; child-src api.livechatinc.com cdn.livechatinc.com secure.livechatinc.com youtube.com google.com fonts.google.com; |
| Referrer-Policy | strict-origin-when-cross-origin |
| Cache-Control | max-age=60, stale-while-revalidate=86400, stale-if-error=300 |
| Strict-Transport-Security | max-age=15724800 |
| Link | <https://assets.ubuntu.com>; rel=preconnect; crossorigin, <https://assets.ubuntu.com>; rel=preconnect, <https://res.cloudinary.com>; rel=preconnect |
| Server | nginx/1.14.0 (Ubuntu) |
| Content-Type | text/html; charset=utf-8 |
| Cross-Origin-Opener-Policy | same-origin-allow-popups |
| Cross-Origin-Resource-Policy | cross-origin |
| X-View-Name | canonicalwebteam.templatefinder.templatefinder.template_finder |
| X-Request-Id | ac7b8542a4c4dddc44f34414957a5def |
| Cross-Origin-Embedder-Policy | unsafe-none |
| Vary | Accept-Encoding |
| X-Content-Type-Options | NOSNIFF |
| Date | Sun, 06 Apr 2025 07:52:57 GMT |
| X-Permitted-Cross-Domain-Policies | none |
| X-Clacks-Overhead | GNU Terry Pratchett |
| Permissions-Policy | interest-cohort=() |
| X-Vcs-Revision | 1743753457-ca6fe77 |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar