Open
Cached
·
just now
27
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=15552000; includeSubDomains; preload
Content-Security-Policy
Basic
default-src; script-src; style-src; +11 more
default-src 'self' *.vimeo.com; script-src 'self' mkt.avevaselect.com.br paragon.com.br mkt.paragon.com.br conteudo.paragon.com.br ams.wpml.org js.stripe.com snap.licdn.com optin.safetymails.com www.google.com www.youtube.com www.gstatic.com 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' data: platform.instagram.com www.instagram.com *.vimeo.com *.vimeocdn.com *.newrelic.com *.nr-data.net google-analytics.com www.google-analytics.com ssl.google-analytics.com stats.g.doubleclick.net ajax.googleapis.com www.googletagmanager.com googletagmanager.com tagmanager.google.com; style-src 'self' conteudo.paragon.com.br mkt.paragon.com.br mkt.avevaselect.com.br 'unsafe-inline' ams.wpml.org cdnjs.cloudflare.com *.vimeocdn.com fonts.googleapis.com www.googletagmanager.com tagmanager.google.com; img-src 'self' conteudo.paragon.com.br mkt.avevaselect.com.br ps.w.org s.w.org px.ads.linkedin.com px4.ads.linkedin.com secure.gravatar.com www.gravatar.com api.webnus.site storage.googleapis.com data: blob: ams.wpml.org google-analytics.com toolset.com wpml.org www.google-analytics.com ssl.google-analytics.com www.google.com i.ytimg.com www.googletagmanager.com; connect-src 'self' mkt.avevaselect.com.br mkt.paragon.com.br conteudo.paragon.com.br www.google.com px.ads.linkedin.com cdnjs.cloudflare.com ams.wpml.org *.vimeo.com www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com; font-src 'self' data: fonts.gstatic.com fonts.googleapis.com; object-src 'self' ; frame-src 'self' paragon.com.br mkt.avevaselect.com.br mkt.paragon.com.br conteudo.paragon.com.br forms.office.com js.stripe.com www.google.com ams.wpml.org cdnjs.cloudflare.com www.instagram.com *.vimeo.com *.vimeocdn.com www.youtube.com www.googletagmanager.com maps.google.com; child-src 'self' mkt.paragon.com.br mkt.avevaselect.com.br paragon.com.br conteudo.paragon.com.br cdnjs.cloudflare.com *.vimeo.com *.vimeocdn.com www.youtube.com www.googletagmanager.com; base-uri 'self' ; form-action 'self' mkt.avevaselect.com.br conteudo.paragon.com.br ams.wpml.org; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
private-state-token-redemption=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com"),private-state-token-issuance=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com")
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
Performance Headers
3 headers
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
Accept-Encoding
Caching Headers
0 headers
No caching headers found
Content Headers
1 headers
Content-Type
Content
text/html; charset=UTF-8
Server Headers
1 headers
Server
Server
cloudflare
CORS Headers
0 headers
No CORS headers found
Cookies Headers
0 headers
No cookies headers found
Other Headers
12 headers
Alt-Svc
Other
h3=":443"; ma=86400
Cf-Cache-Status
Other
DYNAMIC
Cf-Ray
Other
9bc73430bf0ed6fc-IAD
Date
Other
Sun, 11 Jan 2026 20:36:01 GMT
Nel
Other
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Panel
Other
hpanel
Report-To
Other
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=von%2B04hAGdfqR57TcD%2FOtrxfCsYGB0VjwtJXN7EilupnlaKlscNxp2aOc0DYKorQEONsol67n3kGnID%2BuFB4Z4ZTvAPElewJevJS%2BzCT6qpi9g%3D%3D"}]}
Server-Timing
Other
cfEdge;dur=12,cfOrigin;dur=408
X-Dns-Prefetch-Control
Other
on
X-Litespeed-Cache
Other
hit
X-Turbo-Charged-By
Other
LiteSpeed
X-Ua-Compatible
Other
IE=edge
Recommendations
Enable compression (gzip/brotli) to improve performance
Add Cache-Control header to optimize caching