Open
Cached
·
just now
15
Headers
Detected Technologies from Headers
YouTube
Adobe Fonts (Typekit)
Microsoft Advertising
Cello
Cloudinary
Entail
Facebook
Firebase
Fullstory
Google Analytics
Google API JS Client
Google Conversion Tracking
Google DoubleClick
Google Search
Google Static File Front End
Google Sign-In
Google Tag Manager
G Workspace
HubSpot
HubSpot Analytics
HubSpot Forms
Intercom
Leadfeeder
LinkedIn
Mixpanel
Outbrain
Reddit
Sentry
Stripe
Tapfiliate
Google Cloud
Google Cloud Storage
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=10886400
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Strengthen CSP by removing 'unsafe-eval'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Connection
close
Content-Encoding
gzip
connection: close content-encoding: gzip
Caching Headers
Age
8978
Cache-Control
max-age=3600
Etag
"KKau1w"
age: 8978 cache-control: max-age=3600 etag: "KKau1w"
Content Headers
Content-Encoding
gzip
Content-Length
473
Content-Type
text/html
content-encoding: gzip content-length: 473 content-type: text/html
Server Headers
Server
Google Frontend
server: Google Frontend
CORS Headers
Access-Control-Allow-Origin
*
access-control-allow-origin: *
Cookies Headers
Other Headers
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Date
Sat, 21 Feb 2026 00:29:38 GMT
Via
1.1 google
X-Cloud-Trace-Context
cd18d7ce76c8db079e2e69f6db8ce83b
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date: Sat, 21 Feb 2026 00:29:38 GMT via: 1.1 google x-cloud-trace-context: cd18d7ce76c8db079e2e69f6db8ce83b
Recommendations
No recommendations at this time