HTTP Headers Analysis for https://alg.li

Detected Technologies from Headers

See all in URL Inspect 69

Gravatar

YouTube

Google Maps

Beamer

Pingdom

Google Tag Manager

G2

FunnelFuel

Amplitude

Google Hosted Libraries

AppNexus (Xandr)

CodeSandbox

Mutiny

Heroku

Liveramp

Pendo

Google DoubleClick

Arcade

AdRoll

Google Analytics

Microsoft Advertising

Google Conversion Tracking

ClearBit

Welcome to the Jungle

Report URI

Segment

Cloudflare CDN

Datadog Active incidents

Google Static File Front End

Weglot

Outbrain

Calendly

Google Fonts

SiteSpect

Vidyard

Twitter

Algolia

Hotjar

MadKudu

PubMatic

Cloudinary

Stripe

Drift

Google Search

BootstrapCDN

Adobe Marketo

Google Cloud Functions

Demandbase

Facebook

OneTrust

GitHub

Adobe Fonts (Typekit)

Salesforce Sites

TripleLift

Cloudflare CDNJS

Dun & Bradstreet DirectPlus

Vercel

Taboola

Rubicon Project

BuySellAds

Google Optimize

The Trade Desk

Microsoft Clarity

Font Awesome

Sentry

jsDelivr

Google Cloud

HTTP Security Headers

Status

Strict-Transport-Security

Excellent

max-age=31536000; includeSubDomains; preload

Content-Security-Policy

Weak

upgrade-insecure-requests; frame-src; frame-ancestors Analyze

Content-Security-Policy-Report-Only

Basic

default-src; img-src; font-src; +4 more Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Significantly strengthen CSP directives
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

Vary

Performance

accept-encoding

connection: close
transfer-encoding: chunked
vary: accept-encoding

Caching Headers

Cache-Control

Caching

no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0

Expires

Caching

Wed, 09 May 1979 05:30:00 GMT

Pragma

Caching

no-cache

cache-control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
expires: Wed, 09 May 1979 05:30:00 GMT
pragma: no-cache

Content Headers

Content-Type

Content

text/html;charset=UTF-8

content-type: text/html;charset=UTF-8

Server Headers

Server

cloudflare

server: cloudflare

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: wem-session-id=c35804ab-6a66-47bb-ae99-ba4a2218a36d; Path=/; SameSite=Strict; secure
DISTRIBUTED_JSESSIONID=f3b7c7a9-dcce-42cf-879e-b0a8ae37a1f6.browsing.9249; Path=/; Secure; HttpOnly
SERVERID=s9249; path=/; HttpOnly; Secure
slb_route=91736c3767061d12ae59b52f6378532d; Path=/; Secure; HttpOnly
__cf_bm=JDAy.uPPQ28e6RzP27PaoRA5eLTp7ptHJqJEkXb8g6M-1775850823.5869381-1.0.1.1-1LuIbMqO6NAAJCGEJKsi_ffxBLRKMCkPMSlVBy68n4O7vg8lDVS149kDPoPBe85Fk0OY357ldD3YK8QFridUi8uyfA8y6grmLxNUBGb.vpSSfxH6N0y.WBLKRA0DmWto; HttpOnly; Secure; Path=/; Domain=algolia.com; Expires=Fri, 10 Apr 2026 20:23:43 GMT

Other Headers

Cf-Cache-Status

Other

DYNAMIC

Cf-Ray

Other

9ea44c9f6e5ed67c-IAD

Date

Other

Fri, 10 Apr 2026 19:53:43 GMT

X-Download-Options

Other

noopen

X-Permitted-Cross-Domain-Policies

Other

none

X-Resolver-Ip

Other

3.233.88.158

cf-cache-status: DYNAMIC
cf-ray: 9ea44c9f6e5ed67c-IAD
date: Fri, 10 Apr 2026 19:53:43 GMT
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-resolver-ip: 3.233.88.158

Recommendations

Enable compression (gzip/brotli) to improve performance