Open
Cached
·
just now
19
Headers
Detected Technologies from Headers
YouTube
Apache
Cloudflare CDNJS
Datadog
Google AdSense
Google Analytics
Google API JS Client
Google Cloud Storage
Google Conversion Tracking
Google DoubleClick
Google Fonts
Google Maps
Google Optimize
Google Search
Google Static File Front End
Google Tag Manager
GrowthBook
Intercom
JotForm
jsDelivr
Leadfeeder
Libsyn
Mouseflow
Pendo
Sentry
Ubuntu
Vimeo
W3 Total Cache
Wistia
Yoast
Google Cloud
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926; includeSubdomains; preload
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Connection
close
Transfer-Encoding
chunked
Vary
Accept-Encoding
connection: close transfer-encoding: chunked vary: Accept-Encoding
Caching Headers
Cache-Control
max-age=0, public
Etag
"7f77906aeec4db6757aa9a65844fe2c3"
Expires
Sat, 09 May 2026 09:09:47 GMT
Last-Modified
Sat, 09 May 2026 09:09:46 GMT
Pragma
public
cache-control: max-age=0, public etag: "7f77906aeec4db6757aa9a65844fe2c3" expires: Sat, 09 May 2026 09:09:47 GMT last-modified: Sat, 09 May 2026 09:09:46 GMT pragma: public
Content Headers
Content-Type
text/html; charset=UTF-8
content-type: text/html; charset=UTF-8
Server Headers
Server
Apache/2.4.52 (Ubuntu)
X-Powered-By
W3 Total Cache/2.9.4
server: Apache/2.4.52 (Ubuntu) x-powered-by: W3 Total Cache/2.9.4
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Date
Sun, 10 May 2026 05:19:02 GMT
date: Sun, 10 May 2026 05:19:02 GMT
Recommendations
Enable compression (gzip/brotli) to improve performance
Consider removing X-Powered-By header to hide server technology