Open
Cached
·
5h ago
20
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=63072000; includeSubDomains; preload
Content-Security-Policy
Good
default-src; base-uri; object-src; +10 more
default-src 'self'; base-uri 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' blob: cmp.osano.com consent.api.osano.com tattle.api.osano.com disclosure.api.osano.com fast.wistia.com fast.wistia.net embed-ssl.wistia.com js.hs-scripts.com js.hs-analytics.net js.hsforms.net js.hsadspixel.net js.hs-banner.com js.usemessages.com www.googletagmanager.com script.crazyegg.com snap.licdn.com scout-cdn.salesloft.com opps-widget.getwarmly.com unpkg.com stats.wp.com browser.sentry-cdn.com js.driftt.com widget.drift.com googleads.g.doubleclick.net www.googleadservices.com js.zi-scripts.com js.static.parmonic.ai www.buzzsprout.com buzzsprout.com dyv6f9ner1ir9.cloudfront.net; script-src-elem 'self' 'unsafe-inline' blob: cmp.osano.com consent.api.osano.com tattle.api.osano.com disclosure.api.osano.com fast.wistia.com fast.wistia.net embed-ssl.wistia.com js.hs-scripts.com js.hs-analytics.net js.hsforms.net js.hsadspixel.net js.hs-banner.com js.usemessages.com www.googletagmanager.com script.crazyegg.com snap.licdn.com scout-cdn.salesloft.com opps-widget.getwarmly.com unpkg.com stats.wp.com browser.sentry-cdn.com js.driftt.com widget.drift.com googleads.g.doubleclick.net www.googleadservices.com js.zi-scripts.com js.static.parmonic.ai www.buzzsprout.com buzzsprout.com dyv6f9ner1ir9.cloudfront.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com ; img-src 'self' data: blob: www.alacriti.com alacriti.com fast.wistia.com fast.wistia.net embed-ssl.wistia.com stats.wp.com pixel.wp.com track.hubspot.com px.ads.linkedin.com forms-na1.hsforms.com googleads.g.doubleclick.net www.googleadservices.com www.google.com www.googletagmanager.com www.google-analytics.com *.media.parmonic.ai res.cloudinary.com www.linkedin.com *.buzzsprout.com www.buzzsprout.com; font-src 'self' fonts.gstatic.com data:; media-src 'self' data: blob: fast.wistia.com alacriti.wistia.com www.alacriti.com alacriti.com www.buzzsprout.com buzzsprout.com; connect-src 'self' pipedream.wistia.com distillery.wistia.com fast.wistia.com fast.wistia.net browser.sentry-cdn.com js.hs-scripts.com js.hs-analytics.net js.hsforms.net js.usemessages.com track.hubspot.com api.hubspot.com api.hubapi.com hubspot-forms-static-embed.s3.amazonaws.com www.google-analytics.com region1.google-analytics.com www.google.com maps.googleapis.com opps-api.getwarmly.com script.crazyegg.com snap.licdn.com scout-cdn.salesloft.com consent.api.osano.com tattle.api.osano.com cmp.osano.com disclosure.api.osano.com wss://opps-api.getwarmly.com *.drift.com wss://*.drift.com scout.salesloft.com px.ads.linkedin.com forms.hsforms.com forms-na1.hsforms.com tracking.crazyegg.com pagestates-tracking.crazyegg.com assets-tracking.crazyegg.com js.zi-scripts.com wapi.parmonic.ai a7s.parmonic.ai *.media.parmonic.ai analytics.google.com stats.g.doubleclick.net ws.zoominfo.com static.hsappstatic.net; worker-src 'self' blob:; frame-src 'self' fast.wistia.com fast.wistia.net embed-ssl.wistia.com www.googletagmanager.com forms.hsforms.com maps.google.com www.google.com js.driftt.com widget.drift.com td.doubleclick.net app.hubspot.com alacriti889.outgrow.us *.outgrow.us outgrow.co *.buzzsprout.com buzzsprout.com; form-action 'self' https://forms.hsforms.com https://forms-na1.hsforms.com;
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
camera=(), microphone=(), geolocation=(), interest-cohort=()
Recommendations
- • Strengthen CSP by removing 'unsafe-eval'
Performance Headers
3 headers
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
Accept-Encoding
Caching Headers
1 headers
Age
Caching
18134
Content Headers
1 headers
Content-Type
Content
text/html; charset=UTF-8
Server Headers
1 headers
Server
Server
Apache
CORS Headers
0 headers
No CORS headers found
Cookies Headers
0 headers
No cookies headers found
Other Headers
7 headers
Date
Other
Sun, 18 Jan 2026 16:37:07 GMT
Link
Other
<https://www.alacriti.com/wp-json/>; rel="https://api.w.org/", <https://www.alacriti.com/wp-json/wp/v2/pages/12>; rel="alternate"; title="JSON"; type="application/json", <https://www.alacriti.com/>; rel=shortlink
Via
Other
1.1 870f727707d4b04bb51c428dfcc673b4.cloudfront.net (CloudFront)
X-Amz-Cf-Id
Other
G2Z-CxNq8WMFwfNlJ0q3iwr8qO8lxXL5fJwIGdrE-xcx8MHfHE2w5w==
X-Amz-Cf-Pop
Other
IAD61-P8
X-Cache
Other
Hit from cloudfront
X-Dns-Prefetch-Control
Other
on
Recommendations
Enable compression (gzip/brotli) to improve performance
Add Cache-Control header to optimize caching