Open
Cached
·
just now
21
Headers
Detected Technologies from Headers
AWS CloudFront
Google Tag Manager
Brightcove
Formulayt
Google Cloud Run
Sift
Iterable
AppNexus (Xandr)
Guideflow
Fullstory
Google Translate
Netlify
Reddit
Webflow
Midbound Cloud
Yahoo
Forter
Liveramp
DocuSign
Google DoubleClick
Google Analytics
Microsoft Advertising
Google Conversion Tracking
Arkose Labs
Knotch
Mixpanel
Google Cloud Storage
Google Static File Front End
Next.js
Yellow.ai
Google Fonts
Twitter
Qualtrics
LinkedIn
Contentful
Inbenta
Influ2
Drift
unpkg
Google Search
Demandbase
Facebook
Amazon S3
Sierra
StackAdapt
OneTrust
Adobe Fonts (Typekit)
Cloudflare CDNJS
AWS
Oracle Eloqua
Taboola
SimplyCodes
Rubicon Project
TechTarget
Akamai
Active incidents
Cloudflare Images
YouTube
The Trade Desk
Optimizely
Sentry
jsDelivr
Google Cloud
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy-Report-Only
Basic
default-src; script-src; script-src-elem; +11 more
Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Connection
close
Transfer-Encoding
chunked
Vary
Accept-Encoding
connection: close transfer-encoding: chunked vary: Accept-Encoding
Caching Headers
Age
6853
Cache-Control
public,max-age=0,must-revalidate
Etag
"o73hanqun7qair-df"
age: 6853 cache-control: public,max-age=0,must-revalidate etag: "o73hanqun7qair-df"
Content Headers
Content-Type
text/html; charset=utf-8
content-type: text/html; charset=utf-8
Server Headers
Server
Netlify
X-Powered-By
Next.js
server: Netlify x-powered-by: Next.js
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Cache-Status
"Netlify Edge"; hit, "Netlify Edge"; hit;detail=p1
Date
Sun, 03 May 2026 08:10:39 GMT
Netlify-Vary
query=__nextDataReq|_rsc,header=x-nextjs-data|x-next-debug-logging|next-router-prefetch|next-router-segment-prefetch|next-router-state-tree|next-url|rsc,cookie=__prerender_bypass|__next_preview_data
Reporting-Endpoints
csp-endpoint="https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub033a4bd2653ce2d11bc27e52920c440e&dd-evp-origin=content-security-policy&ddsource=csp-report"
X-All-Request
true
X-Nextjs-Date
Sun, 03 May 2026 06:18:14 GMT
X-Nf-Request-Id
01KQPE7D4ZKNHMP1TE2HYMBBPK
cache-status: "Netlify Edge"; hit, "Netlify Edge"; hit;detail=p1 date: Sun, 03 May 2026 08:10:39 GMT link: <https://docucdn-a.akamaihd.net>; rel="preconnect" netlify-vary: query=__nextDataReq|_rsc,header=x-nextjs-data|x-next-debug-logging|next-router-prefetch|next-router-segment-prefetch|next-router-state-tree|next-url|rsc,cookie=__prerender_bypass|__next_preview_data reporting-endpoints: csp-endpoint="https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub033a4bd2653ce2d11bc27e52920c440e&dd-evp-origin=content-security-policy&ddsource=csp-report" x-all-request: true x-nextjs-date: Sun, 03 May 2026 06:18:14 GMT x-nf-request-id: 01KQPE7D4ZKNHMP1TE2HYMBBPK
Recommendations
Enable compression (gzip/brotli) to improve performance
Consider removing X-Powered-By header to hide server technology