Open
Cached
·
7h ago
30
Headers
Detected Technologies from Headers
Adobe Marketo
AppNexus (Xandr)
Chili Piper
Cloudflare CDN
Contentful
Contentsquare
Datadog
Drift
Active incidents
Envoy
Facebook
Google Analytics
Google Cloud Functions
Google Conversion Tracking
Google DoubleClick
Google Search
Google Tag Manager
LinkedIn
Marketlinc
OneTrust
Optimizely
Pinterest
Qualified
Reddit
Sentry
Active incidents
6sense
Sprig
Square
SvelteKit
The Trade Desk
YouTube
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=631152000; includeSubDomains; preload
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Content-Security-Policy header to prevent XSS attacks
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Accept-Ranges
bytes
Connection
close
Vary
Accept-Encoding
accept-ranges: bytes connection: close vary: Accept-Encoding
Caching Headers
Age
215
Cache-Control
max-age=0, public, must-revalidate
Etag
"sltgzs"
age: 215 cache-control: max-age=0, public, must-revalidate etag: "sltgzs"
Content Headers
Content-Length
1957250
Content-Type
text/html; charset=utf-8
content-length: 1957250 content-type: text/html; charset=utf-8
Server Headers
Server
cloudflare
server: cloudflare
CORS Headers
Access-Control-Allow-Headers
x-kpsdk-cd, x-kpsdk-ct
access-control-allow-headers: x-kpsdk-cd, x-kpsdk-ct
Cookies Headers
Other Headers
Cf-Cache-Status
HIT
Cf-Ray
9fa8d7590ac31ee7-IAD
Date
Tue, 12 May 2026 10:46:43 GMT
Link
rel=preconnect
crossorigin=anonymous
rel=preconnect
crossorigin=anonymous
rel=preconnect
crossorigin=anonymous
rel=preconnect
crossorigin=anonymous
rel=preconnect
crossorigin=anonymous
rel=preconnect
crossorigin=anonymous
rel=preconnect
crossorigin=anonymous
rel=preconnect
crossorigin=anonymous
rel=preconnect
crossorigin=anonymous
rel=preload
crossorigin=anonymous
as=font
type=font/woff2
rel=preload
crossorigin=anonymous
as=font
type=font/woff2
rel=preload
crossorigin=anonymous
as=font
type=font/woff2
Origin-Agent-Cluster
?1
Report-To
Group
browser-intake-datadoghq
max-age: 18w
X-Dns-Prefetch-Control
off
X-Download-Options
noopen
X-Envoy-Decorator-Operation
/{locale}
X-Permitted-Cross-Domain-Policies
none
X-Sveltekit-Page
true
cf-cache-status: HIT
cf-ray: 9fa8d7590ac31ee7-IAD
date: Tue, 12 May 2026 10:46:43 GMT
link: <https://pw-renderer-production-c.squarecdn.com>; rel="preconnect"; crossorigin="anonymous", <https://images.ctfassets.net>; rel="preconnect"; crossorigin="anonymous", <https://assets.ctfassets.net>; rel="preconnect"; crossorigin="anonymous", <https://cdn.cookielaw.org>; rel="preconnect"; crossorigin="anonymous", <https://pw-assets-production-c.squarecdn.com>; rel="preconnect"; crossorigin="anonymous", <https://cash-f.squarecdn.com/static/fonts/cashsans/woff2/CashSans-Regular.woff2>; rel="preload"; crossorigin="anonymous"; as="font"; type="font/woff2", <https://cash-f.squarecdn.com/static/fonts/cashsans/woff2/CashSans-Medium.woff2>; rel="preload"; crossorigin="anonymous"; as="font"; type="font/woff2", <https://campaign-hub-production-f.squarecdn.com/static/fonts/exact/ExactBlock-Regular.woff2>; rel="preload"; crossorigin="anonymous"; as="font"; type="font/woff2",
origin-agent-cluster: ?1
report-to: {"group":"browser-intake-datadoghq","max_age":10886400,"endpoints":[{"url":"https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubd9af00759e65a48ba7ee3ff1dfa4260b&dd-evp-origin=content-security-policy&ddsource=csp-report"}]}
x-dns-prefetch-control: off
x-download-options: noopen
x-envoy-decorator-operation: /{locale}
x-permitted-cross-domain-policies: none
x-sveltekit-page: true
Recommendations
Enable compression (gzip/brotli) to improve performance