Open
Cached
·
just now
16
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Good
max-age=31536000; includeSubDomains
Content-Security-Policy
Strong
default-src; script-src; style-src; +7 more
default-src 'self'; script-src 'self' secure.quantserve.com snap.licdn.com rules.quantcount.com https://www.googletagmanager.com *.3gl.net 'strict-dynamic' ioapp.catchpoint.com 'nonce-lQUr0YEc4kPpQ5lhcrTYAhB3pZm+hajF4U8MaXxD3t0='; style-src 'self'; frame-src 'self' https://js.chargify.com/ https://www.sresurvey2019.com/ https://landingportal.catchpoint.com/ https://product.webpagetest.org/; object-src 'none'; img-src 'self' *.3gl.net px.ads.linkedin.com pixel.quantserve.com p.adsymptotic.com us-u.openx.net pixel.rubiconproject.com cm.g.doubleclick.net; frame-ancestors 'self' https://landingportal.catchpoint.com/; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox; base-uri 'self'; upgrade-insecure-requests;
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer
Permissions-Policy
Missing
Not configured
Recommendations
- • Consider adding 'preload' to HSTS for maximum security
- • Consider adding Permissions-Policy to control browser features
Performance Headers
2 headers
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Caching Headers
2 headers
Cache-Control
Caching
no-cache, no-store
Pragma
Caching
no-cache
Content Headers
1 headers
Content-Type
Content
text/html; charset=utf-8
Server Headers
1 headers
Server
Server
cloudflare
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
__cf_bm=.gJ35z4TUHBeT25LOwACOUpfdzv2jbV0h2pUhYTfcYA-1768411064-1.0.1.1-.KxqGxqSuXq_n.4XjPPEccKyZf1aRN0yjM_wx3kvlmxfDj10L4POIgFqDfeg9tDn7P6cJ_0hfqs7JbH98PEwVRQDDEKd6AI_EpMfBzWGjDw; path=/; expires=Wed, 14-Jan-26 17:47:44 GMT; domain=.ioapp.catchpoint.com; HttpOnly; Secure; SameSite=None
Other Headers
4 headers
Cf-Cache-Status
Other
DYNAMIC
Cf-Ray
Other
9bdec9e07ffc0794-IAD
Date
Other
Wed, 14 Jan 2026 17:17:44 GMT
X-Content-Security-Policy
Other
default-src 'self'; script-src 'self' secure.quantserve.com snap.licdn.com rules.quantcount.com https://www.googletagmanager.com *.3gl.net 'strict-dynamic' ioapp.catchpoint.com 'nonce-lQUr0YEc4kPpQ5lhcrTYAhB3pZm+hajF4U8MaXxD3t0='; style-src 'self'; frame-src 'self' https://js.chargify.com/ https://www.sresurvey2019.com/ https://landingportal.catchpoint.com/ https://product.webpagetest.org/; object-src 'none'; img-src 'self' *.3gl.net px.ads.linkedin.com pixel.quantserve.com p.adsymptotic.com us-u.openx.net pixel.rubiconproject.com cm.g.doubleclick.net; frame-ancestors 'self' https://landingportal.catchpoint.com/; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox; base-uri 'self'; upgrade-insecure-requests;
Recommendations
Enable compression (gzip/brotli) to improve performance