SSL Verification Bypassed
The server's SSL certificate could not be verified. The analysis was completed using insecure mode. Data may be less reliable.
Reason:
Expired Certificate - the server's certificate has expired
Open
Cached
·
just now
22
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Basic
base-uri; font-src; form-action; +12 more
base-uri 'none'; font-src 'self' https: data:; form-action https://green.netcup.com https://red.netcup.com https://blue.netcup.com https://www.netcup.com https://www.facebook.com; frame-ancestors 'self'; img-src https://green.netcup.com https://red.netcup.com https://blue.netcup.com https://www.netcup.com https://ads-twitter.com https://ads-api.twitter.com https://analytics.twitter.com https://mautic.netcup.news https://px.ads.linkedin.com 'self' blob: data: https:; object-src 'none'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; script-src https://green.netcup.com https://red.netcup.com https://blue.netcup.com https://www.netcup.com https://cdn.cookielaw.org https://cookie-cdn.cookiepro.com https://*.onetrust.com https://measure.netcup.com https://www.googleadservices.com https://pagead2.googlesyndication.com https://widget.trustpilot.com https://cdn.brevo.com/js/sdk-loader.js 'self' 'wasm-unsafe-eval' 'nonce-c5hGV/Vph0TWcLBr+7+BRLSc'; upgrade-insecure-requests; connect-src https://green.netcup.com https://red.netcup.com https://blue.netcup.com https://www.netcup.com https://ads-twitter.com https://ads-api.twitter.com https://analytics.twitter.com https://cdn.cookielaw.org https://cookie-cdn.cookiepro.com https://*.onetrust.com https://www.google.com https://in-automate.brevo.com https://measure.netcup.com https://google.com https://px.ads.linkedin.com https://*.clarity.ms/ 'self' https://*.analytics.google.com https://*.google-analytics.com https://stats.g.doubleclick.net https://eu-api.friendlycaptcha.eu https://googleads.g.doubleclick.net https://www.googleadservices.com https://cdn.cookielaw.org https://adservice.google.com https://pagead2.googlesyndication.com https://www.redditstatic.com https://pixel-config.reddit.com https://analytics.tiktok.com https://ads.tiktok.com https://bat.bing.com https://widget.trustpilot.com; worker-src blob:; child-src blob: https://td.doubleclick.net; script-src-elem https://green.netcup.com https://red.netcup.com https://blue.netcup.com https://www.netcup.com https://cdn.brevo.com/js/sdk-loader.js https://sibautomation.com/sa.js https://sibforms.com/ https://www.googleadservices.com https://www.redditstatic.com 'self' 'unsafe-inline' https://*.googletagmanager.com https://static.ads-twitter.com https://snap.licdn.com https://bat.bing.com https://connect.facebook.net https://*.clarity.ms https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://analytics.tiktok.com https://ads.tiktok.com https://measure.netcup.com https://www.youtube.com https://pagead2.googlesyndication.com https://widget.trustpilot.com; frame-src https://td.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://measure.netcup.com https://www.youtube-nocookie.com/ https://widget.trustpilot.com https://green.netcup.com https://red.netcup.com https://blue.netcup.com https://www.netcup.com;
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=()
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
Performance Headers
2 headers
Connection
Performance
close
Keep-Alive
Performance
timeout=30
Caching Headers
2 headers
Age
Caching
23
Cache-Control
Caching
max-age=0, s-maxage=5, public
Content Headers
2 headers
Content-Length
Content
1189406
Content-Type
Content
text/html;charset=utf-8
Server Headers
0 headers
No server headers found
CORS Headers
1 headers
Access-Control-Allow-Origin
Cors
*
Cookies Headers
1 headers
Set-Cookie
Cookies
__Secure-CDNCID=Fsl60SufUXxXZOJvFP5r0qAx+/tBjL6Pg7B5SNE4q3c7FqkZyq5J2OitB6+ZEasv40IWl999X/F6gRBSfs88IX4Ngucg4u1qneuH4do4EZLFeZjqNyAUWysygjsHsuph; Path=/; Max-Age=86400; Secure; HttpOnly; SameSite=Lax
Other Headers
7 headers
Alt-Svc
Other
h3=":443"; ma=600
Date
Other
Mon, 26 Jan 2026 09:30:32 GMT
Origin-Agent-Cluster
Other
?1
X-Dns-Prefetch-Control
Other
off
X-Download-Options
Other
noopen
X-Permitted-Cross-Domain-Policies
Other
none
X-Trace-Id
Other
e95b0926-c81a-4acc-9504-e0bf9edef234
Recommendations
Enable compression (gzip/brotli) to improve performance