Open
Cached
·
just now
18
Headers
Detected Technologies from Headers
Algolia
Arcade
ClearBit
Customer.io
Firebase
Google Analytics
Google API JS Client
Google Cloud Functions
Google Cloud Storage
Google DoubleClick
Google Fonts
Google Hosted Libraries
Google Static File Front End
Google Tag Manager
Intercom
jsDelivr
Liveblocks
Mux
Next.js
PostHog
Sentry
Stripe
Vercel
Google Cloud
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=63072000
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Connection
close
connection: close
Caching Headers
Age
0
Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate
Etag
"ta6oj3h7nx4g4"
age: 0 cache-control: private, no-cache, no-store, max-age=0, must-revalidate etag: "ta6oj3h7nx4g4"
Content Headers
Content-Length
5764
Content-Type
text/html; charset=utf-8
content-length: 5764 content-type: text/html; charset=utf-8
Server Headers
Server
Vercel
X-Powered-By
Next.js
server: Vercel x-powered-by: Next.js
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Date
Wed, 25 Feb 2026 04:51:08 GMT
X-Dns-Prefetch-Control
on
X-Matched-Path
/auth
X-Vercel-Cache
MISS
X-Vercel-Id
iad1::cle1::4x78h-1771995068537-60e6d1bf8288
date: Wed, 25 Feb 2026 04:51:08 GMT x-dns-prefetch-control: on x-matched-path: /auth x-vercel-cache: MISS x-vercel-id: iad1::cle1::4x78h-1771995068537-60e6d1bf8288
Recommendations
Enable compression (gzip/brotli) to improve performance
Consider removing X-Powered-By header to hide server technology