Open
Cached
·
just now
23
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Basic
default-src; connect-src; font-src; +9 more
default-src 'self' altium.com *.altium.com *.altium365.com; connect-src 'self' altium.com *.altium.com *.altium365.com *.hotjar.com *.hotjar.io *.devstages.com v2.api.uberflip.com play.vidyard.com cdn.bizible.com 817-sfw-071.mktoresp.com api.segment.io api.amplitude.com bat.bing.com d.adroll.com https://*.optimizely.com stats.g.doubleclick.net www.facebook.com www.google-analytics.com *.googleapis.com *.firebaseio.com wss://*.firebaseio.com http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com mc.yandex.ru *.clarity.ms https://boards-api.greenhouse.io/v1/boards/braze/departments https://boards-api.greenhouse.io/v1/boards/altium/departments https://boards-api.greenhouse.io/v1/boards/*/departments https://boards-api.greenhouse.io/v1/boards/altium/jobs https://apihub.document360.io/v1/articles/ https://apihub.document360.io/v1/projectversions/ https://cdn.cookielaw.org *.onetrust.com ajax.googleapis.com *.g.doubleclick.net *.googlesyndication.com *.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com cdn.segment.com calendly.com c.6sc.co ipv6.6sc.co cdn.mxpnl.com assets.apollo.io px.ads.linkedin.com aplo-evnt.com api-js.mixpanel.com https://cdn.growthbook.io profile.altium365.com ws.zoominfo.com api.schedule.zoominfo.com js.zi-scripts.com *.customgpt.ai *.drift.com altium.my.salesforce-sites.com altium.my.salesforce-scrt.com *.qualified.com wss://ws4.qualified.com *.doubleclick.net *.capterra.com *.reddit.com https://www.google-analytics.com https://www.googletagmanager.com https://o406350.ingest.sentry.io/api/4504513653833728/envelope/; font-src 'self' data: altium.com *.altium.com d2ns91cgb08z5o.cloudfront.net d25n9y37pkfre9.cloudfront.net dhm5hy2vn8l0l.cloudfront.net themes.googleusercontent.com fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com; frame-src 'self' altium.com *.altium.com *.hotjar.com *.doubleclick.net *.fls.doubleclick.net *.adroll.com http://4296759.fls.doubleclick.net *.marketo.com *.twitter.com play.vidyard.com d3l9fju211jpzs.cloudfront.net js.driftt.com www.instagram.com www.youtube.com www.google.com www.facebook.com http://altium.force.com/* http://altium.force.com https://altium.my.salesforce-sites.com https://altium-dev.os.tc *.getfeedback.com *.addtoany.com *.firebaseio.com https://vars.hotjar.com https://*.cdn.optimizely.com https://*.cdn-pci.optimizely.com https://boards.greenhouse.io/* https://Altium.drift.click calendly.com app.getreprise.com https://altium.storylane.io https://*.googletagmanager.com https://hackerone.com *.customgpt.ai *.statuspage.io https://www.surveymonkey.com/ service.force.com altium.my.site.com *.qualified.com *.reddit.com; img-src * data:; manifest-src 'self' *.altium.com *.altium365.com *.files.altium.com *.files.altium365.com; object-src 'none'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' blob: altium.com *.altium.com *.altium365.com *.adroll.com *.marketo.com *.hotjar.com *.twitter.com d2ns91cgb08z5o.cloudfront.net d3l9fju211jpzs.cloudfront.net d25n9y37pkfre9.cloudfront.net analytics.twitter.com bat.bing.com cdn.bizible.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com cdn.segment.com cdn.syndication.twimg.com cdn.amplitude.com connect.facebook.net content.cdntwrk.com dev.visualwebsiteoptimizer.com ml314.com *.ml314.com d.adroll.mgr.consensu.org js.driftt.com go.toutapp.com googleads.g.doubleclick.net munchkin.marketo.net pixel-geo.prfct.co play.vidyard.com snap.licdn.com static.addtoany.com static.ads-twitter.com tag.marinsm.com tag.bounceexchange.com www.upsellit.com www.instagram.com www.google-analytics.com www.googleadservices.com www.googletagmanager.com www.google.com www.gstatic.com www.redditstatic.com www.youtube.com onesignal.com *.onesignal.com *.getfeedback.com *.firebaseio.com http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com *.clarity.ms mc.yandex.ru https://cdn.cookielaw.org ajax.googleapis.com assets.calendly.com js.storylane.io *.6sc.co cdn.mxpnl.com assets.apollo.io *.sf-syn.com tracking.g2crowd.com js.zi-scripts.com ws-assets.zoominfo.com schedule.zoominfo.com *.customgpt.ai *.statuspage.io widget.surveymonkey.com *.salesforceliveagent.com altium.my.salesforce.com altium.my.salesforce-sites.com static.lightning.force.com altium.my.site.com *.qualified.com *.capterra.com cdnjs.cloudflare.com go.altium.com https://cdn-shared.altium.com https://cdn.files.altium.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://play.vidyard.com https://profile.altium.com https://profile.dev1.altium.com https://profile.uat1.altium.com https://service.force.com https://static.addtoany.com https://thelebster.github.io https://unpkg.com https://www.altium.com https://www.google.com https://www.gstatic.com viewer.altium.com www.altium.com; style-src 'self' 'unsafe-inline' altium.com *.altium.com *.altium365.com *.marketo.com *.twitter.com *.twimg.com cloud.typography.com d2ns91cgb08z5o.cloudfront.net d25n9y37pkfre9.cloudfront.net onesignal.com fonts.googleapis.com www.googletagmanager.com assets.calendly.com service.force.com altium.my.salesforce-sites.com altium.my.force.com altium.my.site.com cdnjs.cloudflare.com https://cdn-shared.altium.com https://cdn.files.altium.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://unpkg.com www.altium.com; worker-src 'self'; base-uri 'self'; upgrade-insecure-requests
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
Performance Headers
2 headers
Connection
Performance
close
Vary
Performance
Cookie
Caching Headers
5 headers
Age
Caching
2140
Cache-Control
Caching
max-age=3600, public
Etag
Caching
"1769430017"
Expires
Caching
Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified
Caching
Mon, 26 Jan 2026 12:20:17 GMT
Content Headers
3 headers
Content-Language
Content
en
Content-Length
Content
68142
Content-Type
Content
text/html; charset=UTF-8
Server Headers
2 headers
Server
Server
nginx/1.28.0
X-Powered-By
Server
PHP/8.3.23
CORS Headers
0 headers
No CORS headers found
Cookies Headers
0 headers
No cookies headers found
Other Headers
8 headers
Date
Other
Wed, 28 Jan 2026 14:23:14 GMT
Via
Other
1.1 2af44885a7fc4faf5a3444e606d6c02c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
Other
NrHn8UzH3CFXxcm6h6QVi-leG88DKR2CoJYvi3Qm5zCLBRuvdmsTIA==
X-Amz-Cf-Pop
Other
IAD61-P10
X-Cache
Other
Hit from cloudfront
X-Drupal-Cache
Other
HIT
X-Drupal-Dynamic-Cache
Other
MISS
X-Generator
Other
Drupal 10 (https://www.drupal.org)
Recommendations
Enable compression (gzip/brotli) to improve performance
Consider removing X-Powered-By header to hide server technology