Open
Cached
·
just now
35
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=63113904; includeSubDomains; preload
Content-Security-Policy
Basic
base-uri; frame-ancestors; connect-src; +8 more
base-uri 'self'; frame-ancestors 'self' https://betterstack.dev https://uptime.betterstack.dev https://telemetry.betterstack.dev https://direct.betterstack.dev https://errors.betterstack.dev https://warehouse.betterstack.dev https://uptime.betterstack.test https://direct.betterstack.test https://telemetry.betterstack.test https://errors.betterstack.test https://warehouse.betterstack.test https://uptime.betterstack.local https://direct.betterstack.local https://telemetry.betterstack.local https://errors.betterstack.local https://warehouse.betterstack.local; connect-src 'self' betterstack.dev uptime.betterstack.dev telemetry.betterstack.dev direct.betterstack.dev errors.betterstack.dev warehouse.betterstack.dev uptime.betterstack.test direct.betterstack.test telemetry.betterstack.test errors.betterstack.test warehouse.betterstack.test uptime.betterstack.local direct.betterstack.local telemetry.betterstack.local errors.betterstack.local warehouse.betterstack.local wss://betterstack.dev wss://uptime.betterstack.dev wss://telemetry.betterstack.dev wss://direct.betterstack.dev wss://errors.betterstack.dev wss://warehouse.betterstack.dev wss://uptime.betterstack.test wss://direct.betterstack.test wss://telemetry.betterstack.test wss://errors.betterstack.test wss://warehouse.betterstack.test wss://uptime.betterstack.local wss://direct.betterstack.local wss://telemetry.betterstack.local wss://errors.betterstack.local wss://warehouse.betterstack.local dev.betterstackcdn.com cdnjs.betterstack.com cdnjs.betterstackcdn.com betterstack-organization-logos-staging.s3.us-west-002.backblazeb2.com betterstack-team-logos-staging.s3.us-west-002.backblazeb2.com betterstack-user-avatars-staging.s3.us-west-002.backblazeb2.com *.okta.com *.sentry.io https://api.stripe.com https://chat-assets.frontapp.com https://chat.frontapp.com https://us-west-1-chat-server.frontapp.com https://us-west-2-chat-server.frontapp.com https://eu-west-1-chat-server.frontapp.com wss://front-us-realtime.ably.io wss://front-eu-realtime.ably.io https://chat-webhook.frontapp.com *.bugsnag.com https://*.browser-intake-datadoghq.com https://internet-up.ably-realtime.com www.google.com www.google.ca www.google.co.uk www.google.de www.google.fr www.google.es www.google.it www.google.nl www.google.jp www.google.au www.google.ru www.google.br www.google.in www.google.cn www.google.sg www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bh www.google.com.br www.google.com.co www.google.com.eg www.google.com.hk www.google.com.id www.google.com.il www.google.com.in www.google.com.jp www.google.com.kr www.google.com.mx www.google.com.my www.google.com.nz www.google.com.ph www.google.com.pk www.google.com.sg www.google.com.tr www.google.com.ua www.google.co.za *.google-analytics.com www.google-analytics.com *.doubleclick.net www.google.com/pagead/ www.google.com/ccm/collect adservice.google.com www.googleadservices.com www.googletagmanager.com googleads.g.doubleclick.net https://connect.facebook.net https://www.facebook.com/tr https://www.facebook.com/tr/ ads.linkedin.com *.ads.linkedin.com pixel-config.reddit.com www.redditstatic.com conversions-config.reddit.com https://plausible.io bat.bing.com bat.bing.net https://static.ads-twitter.com https://analytics.twitter.com https://snap.licdn.com https://posthog.betterstack.dev https://upload.imagedelivery.net *.betterstackdata.com; font-src 'self' dev.betterstackcdn.com https://fonts.gstatic.com https://use.typekit.net https://chat-assets.frontapp.com; frame-src 'self' https://betterstack.dev https://uptime.betterstack.dev https://telemetry.betterstack.dev https://direct.betterstack.dev https://errors.betterstack.dev https://warehouse.betterstack.dev https://uptime.betterstack.test https://direct.betterstack.test https://telemetry.betterstack.test https://errors.betterstack.test https://warehouse.betterstack.test https://uptime.betterstack.local https://direct.betterstack.local https://telemetry.betterstack.local https://errors.betterstack.local https://warehouse.betterstack.local uptime.betterstack.test direct.betterstack.test telemetry.betterstack.test errors.betterstack.test warehouse.betterstack.test uptime.betterstack.local direct.betterstack.local telemetry.betterstack.local errors.betterstack.local warehouse.betterstack.local uptime.betterstack.dev direct.betterstack.dev telemetry.betterstack.dev errors.betterstack.dev warehouse.betterstack.dev https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://www.googletagmanager.com https://td.doubleclick.net https://bid.g.doubleclick.net https://www.youtube.com https://www.facebook.com https://*.js.stripe.com https://js.stripe.com https://hooks.stripe.com newsletter.betterstack.com betterstack.substack.com www.loom.com; form-action *; style-src 'report-sample' 'self' 'unsafe-inline' dev.betterstackcdn.com cdnjs.betterstack.com cdnjs.betterstackcdn.com uptime.betterstack.test direct.betterstack.test telemetry.betterstack.test errors.betterstack.test warehouse.betterstack.test uptime.betterstack.local direct.betterstack.local telemetry.betterstack.local errors.betterstack.local warehouse.betterstack.local uptime.betterstack.dev direct.betterstack.dev telemetry.betterstack.dev errors.betterstack.dev warehouse.betterstack.dev https://fonts.googleapis.com blob:; script-src 'report-sample' 'self' 'unsafe-eval' dev.betterstackcdn.com cdnjs.betterstack.com cdnjs.betterstackcdn.com uptime.betterstack.test direct.betterstack.test telemetry.betterstack.test errors.betterstack.test warehouse.betterstack.test uptime.betterstack.local direct.betterstack.local telemetry.betterstack.local errors.betterstack.local warehouse.betterstack.local uptime.betterstack.dev direct.betterstack.dev telemetry.betterstack.dev errors.betterstack.dev warehouse.betterstack.dev https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.js.stripe.com https://js.stripe.com https://chat-assets.frontapp.com *.google-analytics.com www.google-analytics.com *.doubleclick.net www.google.com/pagead/ www.google.com/ccm/collect adservice.google.com www.googleadservices.com www.googletagmanager.com googleads.g.doubleclick.net https://connect.facebook.net https://www.facebook.com/tr https://www.facebook.com/tr/ ads.linkedin.com *.ads.linkedin.com pixel-config.reddit.com www.redditstatic.com conversions-config.reddit.com https://plausible.io bat.bing.com bat.bing.net https://static.ads-twitter.com https://analytics.twitter.com https://snap.licdn.com https://posthog.betterstack.dev 'nonce-277cea1944688158883661b6e677797b'; worker-src 'report-sample' 'self' blob: dev.betterstackcdn.com cdnjs.betterstack.com cdnjs.betterstackcdn.com uptime.betterstack.test direct.betterstack.test telemetry.betterstack.test errors.betterstack.test warehouse.betterstack.test uptime.betterstack.local direct.betterstack.local telemetry.betterstack.local errors.betterstack.local warehouse.betterstack.local uptime.betterstack.dev direct.betterstack.dev telemetry.betterstack.dev errors.betterstack.dev warehouse.betterstack.dev; img-src 'self' blob: data: dev.betterstackcdn.com cdnjs.betterstack.com cdnjs.betterstackcdn.com uptime.betterstack.test direct.betterstack.test telemetry.betterstack.test errors.betterstack.test warehouse.betterstack.test uptime.betterstack.local direct.betterstack.local telemetry.betterstack.local errors.betterstack.local warehouse.betterstack.local uptime.betterstack.dev direct.betterstack.dev telemetry.betterstack.dev errors.betterstack.dev warehouse.betterstack.dev www.gravatar.com ui-avatars.com https://*.wp.com/ui-avatars.com/api/ betterstack-organization-logos-staging.s3.us-west-002.backblazeb2.com betterstack-team-logos-staging.s3.us-west-002.backblazeb2.com betterstack-user-avatars-staging.s3.us-west-002.backblazeb2.com https://imagedelivery.net https://imagedelivery.betterstackcdn.com https://betterstack.com/cdn-cgi/image/ https://betterstackcdn.com/cdn-cgi/image/ https://chat.frontapp.com https://chat-assets.frontapp.com https://chat-assets.frontusercontent.com https://nibbler.frontapp.com www.google.com www.google.ca www.google.co.uk www.google.de www.google.fr www.google.es www.google.it www.google.nl www.google.jp www.google.au www.google.ru www.google.br www.google.in www.google.cn www.google.sg www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bh www.google.com.br www.google.com.co www.google.com.eg www.google.com.hk www.google.com.id www.google.com.il www.google.com.in www.google.com.jp www.google.com.kr www.google.com.mx www.google.com.my www.google.com.nz www.google.com.ph www.google.com.pk www.google.com.sg www.google.com.tr www.google.com.ua www.google.co.za *.google-analytics.com *.doubleclick.net www.google.com google.com https://alb.reddit.com linkedin.com *.linkedin.com bat.bing.com bat.bing.net https://www.facebook.com www.googletagmanager.com https://t.co/i/ https://t.co/1/ https://analytics.twitter.com cdn.loom.com; default-src 'self'
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Consider adding Permissions-Policy to control browser features
Performance Headers
1 headers
Connection
Performance
close
Caching Headers
1 headers
Cache-Control
Caching
no-cache
Content Headers
2 headers
Content-Length
Content
27
Content-Type
Content
text/html; charset=utf-8
Server Headers
2 headers
Server
Server
BunnyCDN-ASB1-925
X-Runtime
Server
0.018371
CORS Headers
0 headers
No CORS headers found
Cookies Headers
0 headers
No cookies headers found
Other Headers
24 headers
Cdn-Cache
Other
MISS
Cdn-Cachedat
Other
12/02/2025 17:30:10
Cdn-Edgestorageid
Other
925
Cdn-Proxyver
Other
1.41
Cdn-Pullzone
Other
4491959
Cdn-Requestcountrycode
Other
US
Cdn-Requestid
Other
6ad968048f43b630eac8614a83994cd4
Cdn-Requestpullcode
Other
401
Cdn-Requestpullsuccess
Other
True
Cdn-Requesttime
Other
0
Cdn-Status
Other
401
Cf-Cache-Status
Other
BYPASS
Cf-Ray
Other
9a7c8cf5ca3fa5b8-IAD
Cross-Origin-Embedder-Policy-Report-Only
Other
require-corp; report-to csp-endpoint
Cross-Origin-Opener-Policy-Report-Only
Other
same-origin; report-to csp-endpoint
Date
Other
Tue, 02 Dec 2025 17:30:10 GMT
Feature-Policy
Other
accelerometer 'none'; autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; usb 'none'
Nel
Other
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Report-To
Other
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=zIA8N8ZIhN0p0ma58Y0h%2Bt%2FZOkCAxceA%2Fi343Pu6NggxglbQhMAVXYcDDwio8gkz%2Bw96B0s2cpddspmdfVJGmi2ysc4rX8C5mt%2Fl4Z2GjQ%3D%3D"}]}
Reporting-Endpoints
Other
csp-endpoint="https://in.logs.betterstack.com?source_token=9Vx9Vgtf6qiwSK1DV7c8s5iA"
Server-Timing
Other
cfEdge;dur=17,cfOrigin;dur=466
Www-Authenticate
Other
Basic realm="Application"
X-Permitted-Cross-Domain-Policies
Other
none
X-Request-Id
Other
a420c0a9-ec53-49e8-8977-5b3931a79811
Recommendations
Enable compression (gzip/brotli) to improve performance
Analysis completed in 884ms