HTTP Headers Analysis for https://c.doit.com

Detected Technologies from Headers

See all in URL Inspect 11

YouTube

Cloudflare CDN

Google Analytics

Google Fonts

Google Tag Manager

Hotjar

HubSpot

HubSpot Analytics

HubSpot Forms

Microsoft Clarity

Next.js

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=15552000; includeSubDomains; preload

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Basic

default-src; script-src; connect-src; +9 more Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Present

same-origin

Permissions-Policy

Present

camera=(), microphone=(), geolocation=(); +1 more

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks

Performance Headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

Vary

Performance

rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding

connection: close
transfer-encoding: chunked
vary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding

Caching Headers

Cache-Control

Caching

public, s-maxage=86400, stale-while-revalidate=604800

cache-control: public, s-maxage=86400, stale-while-revalidate=604800

Content Headers

Content-Type

Content

text/html; charset=utf-8

content-type: text/html; charset=utf-8

Server Headers

Server

cloudflare

server: cloudflare

CORS Headers

No CORS headers found

Cookies Headers

No cookies headers found

Other Headers

Alt-Svc

Other

h3=":443"; ma=86400

Cf-Cache-Status

Other

DYNAMIC

Cf-Ray

Other

9f63e82dbf49f26a-IAD

Date

Other

Mon, 04 May 2026 01:59:35 GMT

Link

Other

URL /_next/static/media/83afe278b6a6bb3c-s.p.0q-301v4kxxnr.woff2

rel=preload as=font crossorigin type=font/woff2

URL /_next/static/media/ModeratSerif_Light-s.p.0dn030s1~8tyb.woff2

rel=preload as=font crossorigin type=font/woff2

URL /_next/static/media/ModeratSerif_Regular-s.p.0i8ybqzerqeqw.woff2

rel=preload as=font crossorigin type=font/woff2

URL

/_next/static/chunks/00wk16zde27xi.css

rel=preload as=style

Nel

Other

Report-To Group default max-age: 4w

success: 0.0% failure: 100.0%

Reporting-Endpoints

Other

default="https://a.nel.cloudflare.com/report/v4?s=cloudflare"

Server-Timing

Other

cfCacheStatus;desc="DYNAMIC", cfEdge;dur=11,cfOrigin;dur=0,cfWorker;dur=511

Speculation-Rules

Other

"/cdn-cgi/speculation"

X-Draft-Region

Other

other

X-Locale

Other

en

X-Middleware-Rewrite

Other

/sp/__root__

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 9f63e82dbf49f26a-IAD
date: Mon, 04 May 2026 01:59:35 GMT
link: </_next/static/media/83afe278b6a6bb3c-s.p.0q-301v4kxxnr.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/media/ModeratSerif_Light-s.p.0dn030s1~8tyb.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/media/ModeratSerif_Regular-s.p.0i8ybqzerqeqw.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/chunks/00wk16zde27xi.css>; rel=preload; as="style", </_next/static/chunks/0s51pc~~alzvl.css>; rel=preload; as="style"
nel: {"report_to":"default","max_age":2592000,"include_subdomains":false,"success_fraction":0.0,"failure_fraction":1.0}
reporting-endpoints: default="https://a.nel.cloudflare.com/report/v4?s=cloudflare"
server-timing: cfCacheStatus;desc="DYNAMIC", cfEdge;dur=11,cfOrigin;dur=0,cfWorker;dur=511
speculation-rules: "/cdn-cgi/speculation"
x-draft-region: other
x-locale: en
x-middleware-rewrite: /sp/__root__

Recommendations

Enable compression (gzip/brotli) to improve performance