Open
Cached
·
just now
23
Headers
Detected Technologies from Headers
AWS
Microsoft Advertising
Cloudflare CDN
DigitalOcean Spaces
Facebook
Google Analytics
Google DoubleClick
Google Fonts
Google Maps
Google Search
Google Tag Manager
Hotjar
HubSpot
HubSpot Forms
jsDelivr
LinkedIn
Localize.js
Microsoft Clarity
Mixpanel
Next.js
Oracle Cloud
Segment
Sentry
Stripe
Vercel
Visual Website Optimizer
ZoomInfo
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Strengthen CSP by removing 'unsafe-eval'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Connection
close
Transfer-Encoding
chunked
Vary
rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, accept-encoding
connection: close transfer-encoding: chunked vary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, accept-encoding
Caching Headers
Age
0
Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate
age: 0 cache-control: private, no-cache, no-store, max-age=0, must-revalidate
Content Headers
Content-Type
text/html; charset=utf-8
content-type: text/html; charset=utf-8
Server Headers
Server
cloudflare
X-Powered-By
Next.js
server: cloudflare x-powered-by: Next.js
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Alt-Svc
h3=":443"; ma=86400
Cf-Cache-Status
DYNAMIC
Cf-Ray
9f66abaac931083a-IAD
Date
Mon, 04 May 2026 10:02:34 GMT
Link
URL
/_next/static/media/797e433ab948586e-s.p.dbea232f.woff2
rel=preload
as=font
crossorigin
nonce=ZDAwN2NhMmItYTllYy00Zjk4LWJlZDMtYjU0OWU5NjYwYmVm
type=font/woff2
URL
/_next/static/media/83afe278b6a6bb3c-s.p.3a6ba036.woff2
rel=preload
as=font
crossorigin
nonce=ZDAwN2NhMmItYTllYy00Zjk4LWJlZDMtYjU0OWU5NjYwYmVm
type=font/woff2
URL
/_next/static/media/Denim_Regular-s.p.ea822f0f.ttf
rel=preload
as=font
crossorigin
nonce=ZDAwN2NhMmItYTllYy00Zjk4LWJlZDMtYjU0OWU5NjYwYmVm
type=font/ttf
Server-Timing
cfCacheStatus;desc="DYNAMIC", cfEdge;dur=14,cfOrigin;dur=0,cfWorker;dur=115
X-Matched-Path
/
X-Vercel-Cache
MISS
X-Vercel-Id
iad1::iad1::mndb5-1777888954100-007a8f627d4c
alt-svc: h3=":443"; ma=86400 cf-cache-status: DYNAMIC cf-ray: 9f66abaac931083a-IAD date: Mon, 04 May 2026 10:02:34 GMT link: </_next/static/media/797e433ab948586e-s.p.dbea232f.woff2>; rel=preload; as="font"; crossorigin=""; nonce="ZDAwN2NhMmItYTllYy00Zjk4LWJlZDMtYjU0OWU5NjYwYmVm"; type="font/woff2", </_next/static/media/83afe278b6a6bb3c-s.p.3a6ba036.woff2>; rel=preload; as="font"; crossorigin=""; nonce="ZDAwN2NhMmItYTllYy00Zjk4LWJlZDMtYjU0OWU5NjYwYmVm"; type="font/woff2", </_next/static/media/Denim_Regular-s.p.ea822f0f.ttf>; rel=preload; as="font"; crossorigin=""; nonce="ZDAwN2NhMmItYTllYy00Zjk4LWJlZDMtYjU0OWU5NjYwYmVm"; type="font/ttf" server-timing: cfCacheStatus;desc="DYNAMIC", cfEdge;dur=14,cfOrigin;dur=0,cfWorker;dur=115 x-matched-path: / x-vercel-cache: MISS x-vercel-id: iad1::iad1::mndb5-1777888954100-007a8f627d4c
Recommendations
Enable compression (gzip/brotli) to improve performance
Consider removing X-Powered-By header to hide server technology