Open
Cached
·
just now
21
Headers
Detected Technologies from Headers
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=15768000
X-Frame-Options
Excellent
deny
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Accept-Ranges
bytes
Connection
close
accept-ranges: bytes connection: close
Caching Headers
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Etag
"69f325bc-5534"
Expires
0
Last-Modified
Thu, 30 Apr 2026 09:49:48 GMT
Pragma
no-cache
cache-control: no-cache, no-store, must-revalidate, max-age=0 etag: "69f325bc-5534" expires: 0 last-modified: Thu, 30 Apr 2026 09:49:48 GMT pragma: no-cache
Content Headers
Content-Length
21812
Content-Type
text/html
content-length: 21812 content-type: text/html
Server Headers
Server
Contentful
server: Contentful
CORS Headers
Access-Control-Allow-Headers
Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Personal-Intercept
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Etag
Access-Control-Max-Age
1728000
access-control-allow-headers: Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Personal-Intercept access-control-allow-methods: GET,HEAD,OPTIONS access-control-allow-origin: * access-control-expose-headers: Etag access-control-max-age: 1728000
Cookies Headers
Other Headers
Date
Sat, 02 May 2026 16:10:33 GMT
X-Contentful-Ui-Version
__current__
date: Sat, 02 May 2026 16:10:33 GMT x-contentful-ui-version: __current__
Recommendations
Enable compression (gzip/brotli) to improve performance