Open
Cached
·
just now
22
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Good
sameorigin
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
Performance Headers
3 headers
Accept-Ranges
Performance
bytes
Connection
Performance
keep-alive
Vary
Performance
Accept-Encoding, Authorization, Fastly-SSL, X-Device, X-Continent-Code, X-User-Status, X-User-Has-Access, X-Is-Sponsored-Country, X-Privacy-Api, X-Is-Bot, X-Comments-Eligible-By-Geo, X-Wall-Exempt-Source, X-ABTest-psvp
Caching Headers
4 headers
Age
Caching
747
Cache-Control
Caching
public, max-age=120
Etag
Caching
W/"84f1c-/RFriSc+zc2/YGAZ3f0ff+QGkHE"
Last-Modified
Caching
Fri, 07 Nov 2025 17:31:04 GMT
Content Headers
2 headers
Content-Length
Content
544540
Content-Type
Content
text/html; charset=utf-8
Server Headers
1 headers
X-Powered-By
Server
Fenrir
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
AWSALBTGCORS=6D8IYT/N87SW/oG2MTMa9rJ4DACrLmckob6qSrwoANazQooZnKRCbrpihK0rlKzmZp3WUOoWpk58n7tHLAvcPqrbBEHG2m2yHEOzASddECtf0snjl0JcQDPsE9OtwsC0hpRtpCNc+uPQk2z32SPwAprsS6/uBZ6r/pQ4q/vLGzL6; Expires=Fri, 14 Nov 2025 17:31:04 GMT; Path=/; SameSite=None; Secure
Other Headers
9 headers
Date
Other
Fri, 07 Nov 2025 17:43:31 GMT
Link
Other
</styles/v1-landing-page.dac9892a5db235f7793e.css>; rel=preload; as=style; nopush, </scripts/main.da4d5219a4af72fa8b81.js>; rel=preload; as=script; fetchpriority=low; nopush, </scripts/vendors.a94fa6bce33e1fb160ab.js>; rel=preload; as=script; fetchpriority=low; nopush, </scripts/utilities.5b429681f5f38427d1de.js>; rel=preload; as=script; fetchpriority=low; nopush, </public/fonts/Garnett-VF-Subset-Web.woff2>; rel=preload; as=font; type=font/woff2; crossorigin; fetchpriority=low; nopush
Via
Other
1.1 varnish, 1.1 varnish
X-Cache
Other
MISS, HIT
X-Cache-Hits
Other
0, 0
X-Country-Code
Other
US
X-Origin-Version
Other
251107.1137
X-Served-By
Other
cache-iad-kjyo7100125-IAD, cache-pdk-kfty8610052-PDK
X-Timer
Other
S1762537412.687907,VS0,VE4
Recommendations
Enable compression (gzip/brotli) to improve performance
Consider removing X-Powered-By header to hide server technology
Analysis completed in 269ms