Open
Cached
·
just now
27
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
Basic
default-src; media-src; img-src; +2 more
default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://*.website-files.com https://*.prod.website-files.com https://uploads-ssl.webflow.com https://webflow.com https://*.survicate.com https://*.survicate-cdn.com https://*.intercom.io wss://*.intercom.io https://*.intercom-messenger.com wss://*.intercom-messenger.com https://*.intercomcdn.com https://static.intercomassets.com https://*.cookiebot.com https://www.googletagmanager.com https://d3e54v103j8qbb.cloudfront.net https://*.google-analytics.com https://*.googlesyndication.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com www.googleadservices.com https://stats.g.doubleclick.net https://td.doubleclick.net https://assets.calendly.com https://calendly.com https://tracking.g2crowd.com https://*.g2.com https://cdn.mxpnl.com https://api-js.mixpanel.com https://snap.licdn.com https://px.ads.linkedin.com https://www.linkedin.com/ https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-analytics.net https://js.hs-banner.com *.hsforms.net *.hsforms.com https://forms.hubspot.com https://js.partnerstack.com partnerlinks.io https://grsm.io *.sharethis.com ipapi.co https://www.youtube-nocookie.com https://www.youtube.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://*.googleapis.com https://fonts.gstatic.com https://bcp.crwdcntrl.net https://survicate.traffit.com https://cdn.embedly.com/ https://*.demio.com https://tube.rvere.com https://*.storylane.io https://app.getcontrast.io https://sc.lfeeder.com https://jscloud.net https://*.ahrefs.com; media-src https: data:; img-src https: data:; worker-src 'self' blob:; report-to csp-endpoint-landing;
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Consider adding Permissions-Policy to control browser features
Performance Headers
3 headers
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
accept-encoding
Caching Headers
2 headers
Age
Caching
21493
Last-Modified
Caching
Sun, 28 Dec 2025 18:00:18 GMT
Content Headers
1 headers
Content-Type
Content
text/html
Server Headers
1 headers
Server
Server
cloudflare
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
_cfuvid=84nZ_mB3D.gqnbZgWPBsVh.7p.zPdacTv6mwy7HvXmc-1766966312268-0.0.1.1-604800000; path=/; domain=.web.survicate.com; HttpOnly; Secure; SameSite=None
Other Headers
12 headers
Alt-Svc
Other
h3=":443"; ma=86400
Cf-Cache-Status
Other
HIT
Cf-Ray
Other
9b55019b5e289c7e-IAD
Date
Other
Sun, 28 Dec 2025 23:58:32 GMT
Report-To
Other
{ "group":"csp-endpoint-landing", "max_age":10886400, "endpoints": [{ "url":"https://panel-api.survicate.com/_/report_csp/landing" }] }
Surrogate-Control
Other
max-age=432000
Surrogate-Key
Other
web.survicate.com 5fca234a1c4867bb3d78dced pageId:66013d0b89f0cd308fc0ecb8 66c5a83a53d939cd5eee01e0 68cae7423b91575f16d3e2e4 68b54ff706ed934b895b483e
Via
Other
1.1 42d5fcec36fd38fa462bcec0f5f654fe.cloudfront.net (CloudFront)
X-Amz-Cf-Id
Other
UQMyIHSS3Olp942Q5pKIOwsksQ8kXqShVEADZ7RXBh9goo9KPmbQYg==
X-Amz-Cf-Pop
Other
IAD61-P9
X-Cache
Other
Miss from cloudfront
X-Lambda-Id
Other
cfa3c05c-43fd-44f4-81e4-501afc7a4a3c
Recommendations
Enable compression (gzip/brotli) to improve performance
Add Cache-Control header to optimize caching
Analysis completed in 180ms