Open
Cached
·
just now
18
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Basic
default-src; img-src; font-src; +4 more
default-src 'self' 'unsafe-eval' 'unsafe-inline' *.jsspmedia.com jsspmedia.com *.aprtn.com aprtn.com tags.srv.stackadapt.com *.stalkoda.com stalkoda.com istatic-cdn.trackier.com stapecdn.com *.sentry-cdn.com *.hotjar.com *.cloudflare.com *.cloudfront.net indexfunction.com opnlink.com hitchbacks.com *.hitchbacks.com *.clarity.ms swrap.tradedoubler.com rtg.wewomedia.com *.facebook.net *.facebook.com *.bing.net *.bing.com *.doubleclick.net google.com *.googlesyndication.com *.gstatic.com *.google.com *.google.ru *.google.pl *.google.bg *.google.com.ua *.google.tn *.google.ch *.google.sk *.google.si *.google.ir *.google.cz *.google.co.uk *.google.lt *.google.de *.google.lv *.google.fr *.google.hu *.google.ee *.google.co.in *.google.nl *.google.pt *.google.by *.google.dz *.google.it mstat.acestream.net stackpath.bootstrapcdn.com *.googleapis.com www.googletagmanager.com *.google-analytics.com www.googleadservices.com *.redditstatic.com *.reddit.com px.ads.linkedin.com snap.licdn.com *.youtube.com code.jquery.com *.wallester.com wallester.com *.wallester.biz wallester.biz *.wallester.eu *.g2crowd.com *.g2.com yoast.com *.hotjar.io *.trackier.com smct.co *.smct.co *.smct.io ordozen.com *.ordozen.com *.amazonaws.com webtrafficsource.com s.logstracker.com 478.theodyo.com ads-twitter.com *.ads-twitter.com *.twitter.com wss://*.hotjar.com; img-src * data:; font-src * data:; media-src 'self' blob: data:; worker-src 'self' blob:; frame-src 'self' blob: *.wallester.com *.wallester.biz www.googletagmanager.com www.google.com www.youtube.com *.doubleclick.net *.cloudflare.com *.gotrackier.com *.opnlink.com *.hitchbacks.com *.smct.io *.cloudfront.net webtrafficsource.com; frame-ancestors 'self';
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Present
same-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Consider adding Permissions-Policy to control browser features
Performance Headers
3 headers
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
accept-encoding
Caching Headers
2 headers
Etag
Caching
W/"694cf4ab-44bc4"
Last-Modified
Caching
Thu, 25 Dec 2025 08:24:11 GMT
Content Headers
1 headers
Content-Type
Content
text/html
Server Headers
1 headers
Server
Server
cloudflare
CORS Headers
0 headers
No CORS headers found
Cookies Headers
0 headers
No cookies headers found
Other Headers
5 headers
Alt-Svc
Other
h3=":443"; ma=86400
Cf-Cache-Status
Other
DYNAMIC
Cf-Ray
Other
9b3bbd57a8cfd69c-IAD
Date
Other
Thu, 25 Dec 2025 22:22:52 GMT
X-Wl-Cntr
Other
US
Recommendations
Enable compression (gzip/brotli) to improve performance
Add Cache-Control header to optimize caching
Analysis completed in 172ms