Security Analysis Results

private,no-cache

gzip

862

default-src data: 'unsafe-inline' 'unsafe-eval' 'self' www.stranstore.com *.stranstore.com 3.amazonaws.com cdn.kendostatic.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net/j/collect *.hotjar.com wss://*.hotjar.com *.hotjar.io *.youtube.com *.getbee.io *.pingdom.net wss://*.intercom.io *.google.com *.jsdelivr.net wss://*.tawk.to *.intercom.io *.googleapis.com kendo.cdn.telerik.com *.tawk.to *.gstatic.com js.intercomcdn.com static.ateasesystems.net fg-mail-content.s3.amazonaws.com *.polyfill.io polyfill.io app-rsrc.getbee.io *.jquery.com *.cloudflare.com *.vimeo.com *.facebook.net *.facebook.com cdn.ckeditor.com netdna.bootstrapcdn.com getbootstrap.com blueimp.github.io jqueryui.com *.joomag.com *.payaconnect.com *.fontawesome.com *.livechatinc.com *.livechat-static.com *.livechat-files.com js.zi-scripts.com cdn.rlets.com; img-src data: 'self' www.stranstore.com *.stranstore.com *.scene7.com *.vimeocdn.com fg-mail-content.s3.amazonaws.com *.tawk.to fault.rlets.com *.googletagmanager.com http://*.ateasesystems.net *.payaconnect.com *.bing.com www.googleadservices.com googleadservices.com *.google.com *.google.ca; frame-ancestors *; frame-src *.ateasesystems.net ateasesystems.net *.payaconnect.com *.google.com *.vimeo.com *.joomag.com hemsync.clickagy.com *.rlets.com *.doubleclick.net www.googletagmanager.com; script-src blob: 'self' www.stranstore.com *.stranstore.com 'unsafe-inline' 'unsafe-eval' *.polyfill.io polyfill.io bat.bing.com beacon.krxd.net *.cloudflare.com cdn.rlets.com connect.facebook.net eu.thinkingchat.com *.fontawesome.com *.gstatic.com *.hotjar.com i.simpli.fi *.jsdelivr.net pixel.mathtag.com pubads.g.doubleclick.net reachlocal.thinkingchat.com *.google-analytics.com tag.simpli.fi https://*.tawk.to *.tawk.to *.vimeo.com *.vimeocdn.com www.googleadservices.com www.googletagmanager.com www.google.com *.payaconnect.com www.reachlocallivechat.com js.zi-scripts.com ws.zoominfo.com tags.clickagy.com *.doubleclick.net; connect-src 'self' www.stranstore.com *.stranstore.com js.zi-scripts.com ws.zoominfo.com apgb2b-reachcodeandproxy.gannettdigital.com *.fontawesome.com *.google-analytics.com *.jsdelivr.net *.rlets.com https://*.tawk.to *.tawk.to capture-api.reachlocalservices.com um.simpli.fi wss://*.tawk.to wss://*.hotjar.com *.hotjar.io aorta.clickagy.com hemsync.clickagy.com *.google.com *.localiq.com www.googleadservices.com;

text/html; charset=utf-8

Wed, 29 Apr 2026 17:01:58 GMT

0,0

no-cache,no-cache

no-referrer, strict-origin-when-cross-origin

max-age=63072000; includeSubDomains; preload

Accept-Encoding

nosniff

SAMEORIGIN

none

ASP.NET

V2|ef6daef0-e2c1-42eb-b35c-051e93d00190|C0|CD0

1; mode=block