Open
Cached
·
just now
18
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Strong
block-all-mixed-content; report-uri; default-src; +8 more
block-all-mixed-content; report-uri https://lodash.report-uri.io/r/default/csp/enforce; default-src 'none'; child-src 'self' data: ms-appx-web: ghbtns.com runkit.com *.runkit-embed.com runkit-embed.com platform.twitter.com; img-src 'self' data: *.2mdn.net *.adsafeprotected.com ad.atdmt.com *.buysellads.com *.buysellads.net *.c3tag.com *.carbonads.net *.convertro.com ad.doubleclick.net www.google-analytics.com www.launchbit.com launchbit.com assets.servedby-buysellads.com *.serving-sys.com; font-src 'self' data: fonts.gstatic.com cdn.jsdelivr.net; frame-src 'self' data: ms-appx-web: ghbtns.com runkit.com *.runkit-embed.com runkit-embed.com platform.twitter.com; manifest-src 'self'; script-src 'self' *.carbonads.com srv.carbonads.net adn.fusionads.net www.google-analytics.com www.googletagmanager.com cdn.jsdelivr.net embed.runkit.com; style-src 'self' cdn.jsdelivr.net; connect-src lodash.report-uri.com lodash.report-uri.io 'self' ms-appx-web: ghbtns.com runkit.com *.runkit-embed.com runkit-embed.com platform.twitter.com *.2mdn.net *.adsafeprotected.com ad.atdmt.com *.buysellads.com *.buysellads.net *.c3tag.com *.carbonads.net *.convertro.com ad.doubleclick.net www.google-analytics.com www.launchbit.com launchbit.com assets.servedby-buysellads.com *.serving-sys.com fonts.gstatic.com cdn.jsdelivr.net *.carbonads.com srv.carbonads.net adn.fusionads.net www.googletagmanager.com embed.runkit.com;
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Present
origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Consider adding Permissions-Policy to control browser features
Performance Headers
1 headers
Accept-Ranges
Performance
bytes
Caching Headers
3 headers
Age
Caching
0
Cache-Control
Caching
public,max-age=0,must-revalidate
Etag
Caching
"df77e4fda18674a480b9be64fa1ab4b6-ssl"
Content Headers
2 headers
Content-Length
Content
7620
Content-Type
Content
text/html; charset=UTF-8
Server Headers
1 headers
Server
Server
Netlify
CORS Headers
1 headers
Access-Control-Allow-Origin
Cors
https://lodash.com
Cookies Headers
0 headers
No cookies headers found
Other Headers
4 headers
Cache-Status
Other
"Netlify Edge"; fwd=stale
Date
Other
Wed, 19 Nov 2025 03:39:10 GMT
Link
Other
<//ghbtns.com/>; rel=dns-prefetch; pr=1.0; crossorigin, <//platform.twitter.com/>; rel=dns-prefetch; pr=1.0; crossorigin, </sw.js>; rel=serviceworker, <https://cdn.jsdelivr.net/>; rel=preconnect; pr=1.0; crossorigin, <//runkit.com/>; rel=dns-prefetch; pr=0.25; crossorigin, <//cdn.carbonads.com/>; rel=dns-prefetch; pr=0.25, <//srv.carbonads.net/>; rel=dns-prefetch; pr=0.25, </assets/css/main.css>; rel=preload; as=style; pr=1.0, </vendor/cdn.jsdelivr.net/fontawesome/4.7.0/css/font-awesome.min.css>; rel=preload; as=style; pr=1.0; crossorigin, </vendor/cdn.jsdelivr.net/fontawesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0>; rel=preload; as=font; pr=1.0; crossorigin, </vendor/fonts.gstatic.com/s/sourcecodepro/v6/leqv3v-yTsJNC7nFznSMqSP2LEk6lMzYsRqr3dHFImA.woff2>; rel=preload; as=font; pr=1.0; crossorigin, </vendor/fonts.gstatic.com/s/sourcecodepro/v6/leqv3v-yTsJNC7nFznSMqczFoXZ-Kj537nB_-9jJhlA.woff2>; rel=preload; as=font; pr=1.0; crossorigin, </assets/js/boot.js>; rel=preload; as=script; pr=1.0, </assets/js/home.js>; rel=preload; as=script; pr=1.0
X-Nf-Request-Id
Other
01KAD33QP4D6TA8F4GSDQD9SWD
Recommendations
Enable compression (gzip/brotli) to improve performance
Analysis completed in 0ms