Open
Cached
·
just now
22
Headers
Detected Technologies from Headers
Adobe Target
AWS CloudFront
YouTube
Google AdSense
Google Maps
Google Tag Manager
Bing
G2
Salesforce Cloud
SalesLoft
Riddle
PartnerStack
Reddit
OpenX
NetSuite
Liveramp
Capterra
Azure Blob Storage
Trustpilot
Microsoft Power Apps Portals
Google DoubleClick
Google Analytics
Microsoft Advertising
Crazy Egg
Google Conversion Tracking
Adobe Audience Manager
Basis Technologies
Typeform
Google Static File Front End
TikTok Analytics
Google Fonts
Clickagy
Twitter
Hotjar
LinkedIn
Zendesk
BrightTALK
ZoomInfo
Adobe Experience Cloud
Google Search
Demandbase
Facebook
Buzzsprout
OneTrust
Snapchat
Salesforce Sites
Pinterest
Cloudflare CDNJS
Oracle Eloqua
Rubicon Project
MNTN
Google Optimize
Tawk.to
Quora
The Trade Desk
Microsoft Clarity
Sentry
jsDelivr
Google Cloud
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer-when-downgrade
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Connection
close, Transfer-Encoding
Transfer-Encoding
chunked
connection: close, Transfer-Encoding transfer-encoding: chunked
Caching Headers
Cache-Control
max-age=2921
Etag
W/"69f335ad-102c55"
Last-Modified
Thu, 30 Apr 2026 10:57:49 GMT
cache-control: max-age=2921 etag: W/"69f335ad-102c55" last-modified: Thu, 30 Apr 2026 10:57:49 GMT
Content Headers
Content-Type
text/html; charset=UTF-8
content-type: text/html; charset=UTF-8
Server Headers
No server headers found
CORS Headers
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, expires, x-xsrf-token, authorization, project-guid, cache-control, x-requested-with
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://www.eset.com, https://www.eset.com
Access-Control-Expose-Headers
X-EDPS-Request-Status
access-control-allow-credentials: true access-control-allow-headers: Content-Type, expires, x-xsrf-token, authorization, project-guid, cache-control, x-requested-with access-control-allow-methods: GET, POST, OPTIONS access-control-allow-origin: https://www.eset.com, https://www.eset.com access-control-expose-headers: X-EDPS-Request-Status
Cookies Headers
Other Headers
Date
Sun, 03 May 2026 13:58:43 GMT
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'self' https://www.youtube.com; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Reporting-Endpoints
csp-endpoint="https://www-eset-com.api.cspconsole.eset.com"
X-Edps-Request-Status
normal
X-Rendering-Engine
html
date: Sun, 03 May 2026 13:58:43 GMT feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'self' https://www.youtube.com; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none' reporting-endpoints: csp-endpoint="https://www-eset-com.api.cspconsole.eset.com" x-edps-request-status: normal x-rendering-engine: html
Recommendations
Enable compression (gzip/brotli) to improve performance