Open
Cached
·
just now
21
Headers
Detected Technologies from Headers
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=63072000; includeSubDomains; preload
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
geolocation=(), microphone=(), camera=(); +1 more
Recommendations
- • Strengthen CSP by removing 'unsafe-eval'
Performance Headers
Connection
close
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
connection: close transfer-encoding: chunked vary: Accept-Encoding, Origin
Caching Headers
Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
Content Headers
Content-Type
text/html; charset=utf-8
content-type: text/html; charset=utf-8
Server Headers
X-Powered-By
Next.js
x-powered-by: Next.js
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Date
Wed, 13 May 2026 11:29:55 GMT
Link
URL
/
rel=preconnect
crossorigin
URL
/_next/static/chunks/08wr3pg64c_bu.css
/_next/static/chunks/08wr3pg64c_bu.css
rel=preload
as=style
nonce=p1LyAiBhvXwahCUvLet1Aw==
URL
/_next/static/chunks/02aaju2zak8xk.css
/_next/static/chunks/02aaju2zak8xk.css
rel=preload
as=style
nonce=p1LyAiBhvXwahCUvLet1Aw==
URL
/_next/static/chunks/0-cttujn58o-h.css
/_next/static/chunks/0-cttujn58o-h.css
rel=preload
as=style
nonce=p1LyAiBhvXwahCUvLet1Aw==
URL
/
rel=preconnect
crossorigin
URL
/_next/static/chunks/08wr3pg64c_bu.css
/_next/static/chunks/08wr3pg64c_bu.css
rel=preload
as=style
nonce=p1LyAiBhvXwahCUvLet1Aw==
URL
/_next/static/chunks/02aaju2zak8xk.css
/_next/static/chunks/02aaju2zak8xk.css
rel=preload
as=style
nonce=p1LyAiBhvXwahCUvLet1Aw==
URL
/_next/static/chunks/0-cttujn58o-h.css
/_next/static/chunks/0-cttujn58o-h.css
rel=preload
as=style
nonce=p1LyAiBhvXwahCUvLet1Aw==
URL
/_next/static/chunks/0~w0fkhb8yreu.css
/_next/static/chunks/0~w0fkhb8yreu.css
rel=preload
as=style
nonce=p1LyAiBhvXwahCUvLet1Aw==
Reporting-Endpoints
csp-endpoint="https://o1173271.ingest.us.sentry.io/api/4508291465019392/security/?sentry_key=3f46987d79d04169ed70e6ddfb902171"
Via
1.1 0ebe6e1aeade584a38f4b98aa3f2014a.cloudfront.net (CloudFront)
X-Amz-Cf-Id
cyRVPFp6PSCBmEub3_JCt-bjZF6PepB4dGS57xKwyY-dgWLM_88-gg==
X-Amz-Cf-Pop
IAD61-P1
X-Cache
Miss from cloudfront
date: Wed, 13 May 2026 11:29:55 GMT link: </>; rel=preconnect; crossorigin="", </_next/static/chunks/08wr3pg64c_bu.css>; rel=preload; as="style"; nonce="p1LyAiBhvXwahCUvLet1Aw==", </_next/static/chunks/02aaju2zak8xk.css>; rel=preload; as="style"; nonce="p1LyAiBhvXwahCUvLet1Aw==", </_next/static/chunks/0-cttujn58o-h.css>; rel=preload; as="style"; nonce="p1LyAiBhvXwahCUvLet1Aw==", </_next/static/chunks/0~w0fkhb8yreu.css>; rel=preload; as="style"; nonce="p1LyAiBhvXwahCUvLet1Aw==" reporting-endpoints: csp-endpoint="https://o1173271.ingest.us.sentry.io/api/4508291465019392/security/?sentry_key=3f46987d79d04169ed70e6ddfb902171" via: 1.1 0ebe6e1aeade584a38f4b98aa3f2014a.cloudfront.net (CloudFront) x-amz-cf-id: cyRVPFp6PSCBmEub3_JCt-bjZF6PepB4dGS57xKwyY-dgWLM_88-gg== x-amz-cf-pop: IAD61-P1 x-cache: Miss from cloudfront
Recommendations
Enable compression (gzip/brotli) to improve performance
Consider removing X-Powered-By header to hide server technology