HTTP Headers Analysis for https://bitso.com

Detected Technologies from Headers

See all in URL Inspect 52

Gravatar

Criteo

Google Tag Manager

Bing

Google reCAPTCHA

ShareThrough

Google Cloud Run

Amplitude Active incidents

AppNexus (Xandr)

AppsFlyer

Yahoo

Statuspage

HubSpot Forms

Envoy

HubSpot Feedback & Surveys

Google DoubleClick

Google Analytics

Crazy Egg

Google Conversion Tracking

Adobe Audience Manager

Segment

Cloudflare CDN

Greenhouse

Datadog

Google Cloud Storage

Google Static File Front End

Outbrain

Next.js

TikTok Analytics

Google Fonts

Twitter

G Workspace

Hotjar

PubMatic

Zendesk

Contentful

HubSpot Analytics

Teads

Yieldmo

Google Search

Facebook

Matomo

TripleLift

Taboola

Rubicon Project

Visual Website Optimizer

HubSpot

HubSpot Live Chat

Sentry

Google Cloud

HTTP Security Headers

Status

Strict-Transport-Security

Excellent

max-age=31536000; includeSubDomains; preload

Content-Security-Policy

Weak

img-src; font-src; style-src; +3 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

sameorigin

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

no-referrer

Permissions-Policy

Present

microphone=(), usb=()

Recommendations

• Significantly strengthen CSP directives

Performance Headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

Vary

Performance

rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding

connection: close
transfer-encoding: chunked
vary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding

Caching Headers

Cache-Control

Caching

s-maxage=31536000

cache-control: s-maxage=31536000

Content Headers

Content-Type

Content

text/html; charset=utf-8

content-type: text/html; charset=utf-8

Server Headers

Server

cloudflare

X-Powered-By

Server

Next.js

server: cloudflare
x-powered-by: Next.js

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: NEXT_LOCALE=us; Path=/; SameSite=lax
__cf_bm=u8IStXQw3DLftyMh4jkmFDb2InYUO7gm8dDXD1p3pyk-1777460025.9266245-1.0.1.1-zSiiY9x33sUTe.gbx1AZCz31knM6_U.b47rZ5b9F9_k4b7Zcr6tjTdU6MjOxbTZwyJQOCj7bJ63TWw743fBBd5ie2KgIiQ3gePn4rCzjGddQ9hqDpAxPKyLhsT909JiE; HttpOnly; Secure; Path=/; Domain=bitso.com; Expires=Wed, 29 Apr 2026 11:23:45 GMT

Other Headers

Cf-Cache-Status

Other

DYNAMIC

Cf-Ray

Other

9f3dc3ca0a54c964-IAD

Date

Other

Wed, 29 Apr 2026 10:53:45 GMT

Link

Other

URL https://bitso.com/mx

rel=alternate hreflang=es-mx

URL https://bitso.com/ar

rel=alternate hreflang=es-ar

URL https://bitso.com/co

rel=alternate hreflang=es-co

URL https://bitso.com/br

rel=alternate hreflang=pt-br

X-Envoy-Upstream-Service-Time

Other

9

X-Middleware-Rewrite

Other

/us

X-Nextjs-Cache

Other

HIT

X-Nextjs-Prerender

Other

1, 1

X-Nextjs-Stale-Time

Other

300

cf-cache-status: DYNAMIC
cf-ray: 9f3dc3ca0a54c964-IAD
date: Wed, 29 Apr 2026 10:53:45 GMT
link: <https://bitso.com/mx>; rel="alternate"; hreflang="es-mx", <https://bitso.com/ar>; rel="alternate"; hreflang="es-ar", <https://bitso.com/co>; rel="alternate"; hreflang="es-co", <https://bitso.com/br>; rel="alternate"; hreflang="pt-br", <https://bitso.com/>; rel="alternate"; hreflang="en", <https://bitso.com/>; rel="alternate"; hreflang="x-default"
x-envoy-upstream-service-time: 9
x-middleware-rewrite: /us
x-nextjs-cache: HIT
x-nextjs-prerender: 1, 1
x-nextjs-stale-time: 300

Recommendations

Enable compression (gzip/brotli) to improve performance

Consider removing X-Powered-By header to hide server technology