| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| Alt-Svc | h3=":443"; ma=86400 |
| Date | Mon, 07 Apr 2025 15:40:17 GMT |
| Cf-Cache-Status | HIT |
| Cache-Control | public, max-age=300, s-maxage=86400 |
| Vary | Accept-Encoding |
| Connection | keep-alive |
| Last-Modified | Mon, 07 Apr 2025 04:05:15 GMT |
| Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
| Document-Policy | js-profiling |
| Content-Type | text/html; charset=utf-8 |
| Set-Cookie | whenWillThenBeNow=variation3; Path=/ |
| Content-Security-Policy | default-src *.webstaurantstore.com blob:; object-src 'none'; script-src *.webstaurantstore.com blob: 'unsafe-inline' 'unsafe-eval' 'report-sample' *.googleapis.com *.googlecommerce.com *.gstatic.com *.googleadservices.com *.google.com *.google-analytics.com *.facebook.net *.yimg.com *.yahoo.com *.bing.com *.bizrate.com *.shopzilla.com *.twitter.com *.linkedin.com *.longtailvideo.com *.pinterest.com www.googletagmanager.com www.resellerratings.com *.g.doubleclick.net a.quora.com js-agent.newrelic.com *.nr-data.net *.sitejabber.com s.pinimg.com www.redditstatic.com *.youtube.com/iframe_api *.ytimg.com dts57qhtf7twy.cloudfront.net js.cnnx.link *.taboola.com www.recaptcha.net *.trustpilot.com snap.licdn.com *.clarity.ms cdn.pricespider.com challenges.cloudflare.com *.tiktok.com assets.customer.io code.gist.build customerioforms.com *.youtube.com tpc.googlesyndication.com webstaurantstore.cdn-v3.conductrics.com webstaurantstore.conductrics.com *.coder-sandbox.dev.clarkinc.biz *.coder.dev.clarkinc.biz product-customization-api.clarkinc.biz product-customization-api.test.clarkinc.biz product-customization-api.dev.clarkinc.biz *.intentiq.com applepay.cdn-apple.com; style-src 'unsafe-inline' 'report-sample' *.webstaurantstore.com *.googleapis.com *.google.com *.resellerratings.com *.sitejabber.com dts57qhtf7twy.cloudfront.net *.bizrate.com *.googletagmanager.com code.gist.build webstaurantstore.conductrics.com *.coder-sandbox.dev.clarkinc.biz *.coder.dev.clarkinc.biz product-customization-api.clarkinc.biz product-customization-api.test.clarkinc.biz product-customization-api.dev.clarkinc.biz applepay.cdn-apple.com; img-src data: blob: *.webstaurantstore.com *.gstatic.com *.googlecommerce.com *.google-analytics.com *.googletagmanager.com *.googleapis.com *.paypal.com *.paypalobjects.com *.facebook.com *.staticflickr.com *.msn.com *.bing.com *.pricegrabber.com *.bizrate.com *.bizrateinsights.com *.googleadservices.com *.connexity.net *.doubleclick.net *.google.com *.linkedin.com *.twitter.com *.longtailvideo.com *.pinterest.com *.resellerratings.com q.quora.com *.nr-data.net *.sitejabber.com www.commerce-connector.com pinterest.adsymptotic.com p.adsymptotic.com *.cloudfront.net *.ytimg.com *.facebook.net cx.atdmt.com *.yahoo.com *.trustpilot.com *.clarity.ms *.taboola.com track.customer.io pagead2.googlesyndication.com alb.reddit.com *.liadm.com *.coder-sandbox.dev.clarkinc.biz *.coder.dev.clarkinc.biz *.intentiq.com *.bing.net applepay.cdn-apple.com; frame-src *.webstaurantstore.com *.googlecommerce.com *.doubleclick.net *.google.com *.facebook.com *.facebook.net *.youtube.com apps.kaonadn.net *.pinterest.com www.googletagmanager.com *.twitter.com *.trustpilot.com www.recaptcha.net *.creditkey.com tsdtocl.com challenges.cloudflare.com renderer.gist.build code.gist.build webstaurantstore.conductrics.com *.coder-sandbox.dev.clarkinc.biz *.coder.dev.clarkinc.biz *.taboola.com applepay.cdn-apple.com; font-src data: *.webstaurantstore.com *.gstatic.com *.sitejabber.com applepay.cdn-apple.com; connect-src *.webstaurantstore.com *.google-analytics.com www.resellerratings.com *.google.com *.linkedin.com stats.g.doubleclick.net *.clarkinc.biz bam.nr-data.net *.facebook.com *.sitejabber.com *.pinterest.com s.yimg.com *.ingest.us.sentry.io insights.bizrate.com *.bing.com *.bizrate.com blob: data: ship.cdldelivers.com *.gstatic.com *.clarity.ms js.cnnx.link kitchendash-web-app-service.azurewebsites.net kitchendash-web-app-service-test.azurewebsites.net kitchendash-web-app-service-prod.azurewebsites.net *.taboola.com pathinsights.pricespider.com *.api.smartystreets.com cdn.linkedin.oribi.io *.tiktok.com track.customer.io customerioforms.com *.api.gist.build *.cloud.gist.build *.youtube.com pagead2.googlesyndication.com webstaurantstore.cdn-v3.conductrics.com *.redditstatic.com product-customization-api.clarkinc.biz product-customization-api.test.clarkinc.biz product-customization-api.dev.clarkinc.biz *.googleadservices.com *.intentiq.com; report-uri https://stash.webstaurantstore.com/csp; frame-ancestors *.webstaurantstore.com *.therestaurantstore.com; |
| Correlation-Id | 4da9bcc4-60b9-4efe-b1d9-dbe05248a12a |
| X-Frame-Options | SAMEORIGIN |
| Server | cloudflare |
| Cf-Ray | 92ca9f615b2b6644-AMS |
| Age | 41118 |
| Ludicrous-Speed | GO |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar