Open
Cached
·
just now
8
Headers
Detected Technologies from Headers
Amplitude
Atlassian
AWS
Amazon S3
Bugsnag
Cloudflare CDNJS
Contentful
Envoy
Fullstory
G2
Google API JS Client
Google Cloud Storage
Google Fonts
Google Hosted Libraries
Google Static File Front End
Google Sign-In
ipify
LaunchDarkly
Active incidents
Pendo
Salesforce Personalization
Salesforce Cloud
Salesforce Sites
Zendesk
Google Cloud
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Strengthen CSP by removing 'unsafe-eval'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Connection
close
Vary
Accept-Encoding
connection: close vary: Accept-Encoding
Caching Headers
No caching headers found
Content Headers
Content-Length
0
content-length: 0
Server Headers
Server
istio-envoy
server: istio-envoy
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Date
Thu, 30 Apr 2026 12:38:19 GMT
Via
1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date: Thu, 30 Apr 2026 12:38:19 GMT via: 1.1 google
Recommendations
Enable compression (gzip/brotli) to improve performance
Add Cache-Control header to optimize caching