HTTP Headers Analysis for https://app.fin.ai

Detected Technologies from Headers

See all in URL Inspect 32

AWS CloudFront

Google Analytics

YouTube

Adobe Marketo Arcade

Amazon S3

BootstrapCDN

Brightcove Entri

Facebook

Google DoubleClick

Google Fonts

Google reCAPTCHA

Google Tag Manager

G Workspace Guideflow

Intercom

JW Player

Loom

Mapbox

Nginx

OneTrust

Sentry

Microsoft SharePoint

Stripe

The Trade Desk

Twitter

Typeform

Vidyard

Vimeo

Wistia

Zuora

HTTP Security Headers

Status

Strict-Transport-Security

Excellent

max-age=31556952; includeSubDomains; preload

Content-Security-Policy

Good

default-src; base-uri; child-src; +8 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

strict-origin-when-cross-origin

Permissions-Policy

Missing

Not configured

Recommendations

• Strengthen CSP by removing 'unsafe-eval'
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

Vary

Performance

Sec-Fetch-Site,Accept-Encoding

connection: close
transfer-encoding: chunked
vary: Sec-Fetch-Site,Accept-Encoding

Caching Headers

Cache-Control

Caching

max-age=0, private, must-revalidate

Etag

Caching

W/"8e72ba652cacdadd8c615bf1ec87d741"

cache-control: max-age=0, private, must-revalidate
etag: W/"8e72ba652cacdadd8c615bf1ec87d741"

Content Headers

Content-Type

Content

text/html; charset=utf-8

content-type: text/html; charset=utf-8

Server Headers

Server

nginx

X-Runtime

Server

0.034492

server: nginx
x-runtime: 0.034492

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: gtm_id=c7086887-abbb-4425-a678-da9e162919da; domain=intercom.com; path=/; expires=Sat, 20 Feb 2027 18:10:10 GMT; SameSite=None; secure
_intercom_session=FoEz786%2Fmf6Rxs07GNKXLi%2BQguVyippPX2wXAlpK824CYVTo2g34Whv4vRFz8ODPuE0BIlGcCFb%2Fnr3dkogyOWhYtiUo%2Fipl0K9DQ%2FtOIOmzrcVXX9b8edfcd16LsCi%2BOKfeQUn0ZKqxqhuABh7xKJRO58G2gnED6JOKKs1eTZhsAm4tBUM7rszYGGB34qHY23i5NoP4nYZ7UsDvmGSH32iZ%2FfNHh6dyW3CWtNsXvVBijsKAaSXNpCxBN6Fumnve5rglgcaOT2e48awsvlAuWrNOQTz%2BlrDwrbR5w8T33fm8lpksFW3oq6QDBkrda7g%2B7g%3D%3D--zoMLXVMJH8zPp7OP--8PCL%2B0TxrwIE5vzmwnffgQ%3D%3D; path=/; expires=Tue, 24 Feb 2026 18:10:10 GMT; HttpOnly; secure

Other Headers

Date

Other

Fri, 20 Feb 2026 18:10:10 GMT

Link

Other

URL

https://www.googletagmanager.com/gtag/js?id=G-8VQ6F1K67R

rel=preload as=script nopush

URL

//dp3rct5vic41c.cloudfront.net/gtm.latest.js

rel=preload as=script nopush

URL

https://static.intercomassets.com/assets/login-737f49225b30643ad597519dde111e2a773d923c8ee028046fa162fa0af7d469.js

rel=preload as=script nopush

URL

https://static.intercomassets.com/assets/core_styles_shim-f1bd559cb43a5f2d07b1d6660a015886f565a556b9824a44c7ec88ab7020a6c4.css

rel=preload as=style nopush

Status

Other

200 OK

X-Ami-Version

Other

ami-092ee6d339c028ae1

X-Intercom-Version

Other

aeb3ba10d5ec9ff42fa1aa2a171ee4afdcb2c95a

X-Request-Id

Other

0003f63lqa6auihq74vg

X-Request-Queueing

Other

0

date: Fri, 20 Feb 2026 18:10:10 GMT
link: <https://www.googletagmanager.com/gtag/js?id=G-8VQ6F1K67R>; rel=preload; as=script; nopush,<//dp3rct5vic41c.cloudfront.net/gtm.latest.js>; rel=preload; as=script; nopush,<https://static.intercomassets.com/assets/login-737f49225b30643ad597519dde111e2a773d923c8ee028046fa162fa0af7d469.js>; rel=preload; as=script; nopush,<https://static.intercomassets.com/assets/core_styles_shim-f1bd559cb43a5f2d07b1d6660a015886f565a556b9824a44c7ec88ab7020a6c4.css>; rel=preload; as=style; nopush,<https://static.intercomassets.com/assets/signup-aaa49d0c09a3a312da8871d562ba228f56c4ace350d456f46cf22f15429e705c.css>; rel=preload; as=style; nopush
status: 200 OK
x-ami-version: ami-092ee6d339c028ae1
x-intercom-version: aeb3ba10d5ec9ff42fa1aa2a171ee4afdcb2c95a
x-request-id: 0003f63lqa6auihq74vg
x-request-queueing: 0

Recommendations

Enable compression (gzip/brotli) to improve performance