Open
Cached
·
3h ago
16
Headers
Detected Technologies from Headers
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Present
same-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Content-Security-Policy header to prevent XSS attacks
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Connection
close
Vary
rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding
connection: close vary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding
Caching Headers
Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
Content Headers
Content-Language
dev
Content-Length
166404
Content-Type
text/html; charset=utf-8
content-language: dev content-length: 166404 content-type: text/html; charset=utf-8
Server Headers
X-Powered-By
Next.js
x-powered-by: Next.js
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Date
Thu, 09 Apr 2026 09:07:29 GMT
Link
rel=alternate
hreflang=en
rel=alternate
hreflang=zh
rel=alternate
hreflang=ja
rel=alternate
hreflang=x-default
rel=alternate
hreflang=en
rel=alternate
hreflang=zh
rel=alternate
hreflang=ja
rel=alternate
hreflang=x-default
URL
/_next/static/media/2f13ad8e538108e0-s.p.9b936cf7.woff2
rel=preload
as=font
crossorigin
type=font/woff2
URL
/_next/static/media/83afe278b6a6bb3c-s.p.3a6ba036.woff2
rel=preload
as=font
crossorigin
type=font/woff2
URL
/_next/static/media/890431f0a0104557-s.p.2aa14085.woff2
rel=preload
as=font
crossorigin
type=font/woff2
URL
/_next/static/media/948603995becd211-s.p.15946141.woff2
rel=preload
as=font
crossorigin
type=font/woff2
URL
/_next/static/media/e8f2fbee2754df70-s.p.9b7a96b4.woff2
rel=preload
as=font
crossorigin
type=font/woff2
URL
/feature-slides/template-1.png
rel=preload
as=image
URL
/feature-slides/template-2.png
rel=preload
as=image
URL
/feature-slides/template-3.png
rel=preload
as=image
URL
/feature-slides/book.jpeg
rel=preload
as=image
URL
/feature-slides/github-sync.jpeg
rel=preload
as=image
URL
/feature-slides/uml-3.png
rel=preload
as=image
URL
/feature-slides/uml-2.png
rel=preload
as=image
URL
/feature-slides/uml-1.png
rel=preload
as=image
URL
/feature-slides/profile.jpeg
rel=preload
as=image
X-Middleware-Rewrite
/en
date: Thu, 09 Apr 2026 09:07:29 GMT link: <https://homepage.hackmd.io/>; rel="alternate"; hreflang="en", <https://homepage.hackmd.io/zh>; rel="alternate"; hreflang="zh", <https://homepage.hackmd.io/ja>; rel="alternate"; hreflang="ja", <https://homepage.hackmd.io/>; rel="alternate"; hreflang="x-default", </_next/static/media/2f13ad8e538108e0-s.p.9b936cf7.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/media/83afe278b6a6bb3c-s.p.3a6ba036.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/media/890431f0a0104557-s.p.2aa14085.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/media/948603995becd211-s.p.15946141.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/media/e8f2fbee2754df70-s.p.9b7a96b4.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </feature-slides/template-1.png>; rel=preload; as="image", </feature-slides/template-2.png>; rel=preload; as="image", </feature-slides/template-3.png>; rel=preload; as="image", </feature-slides/book.jpeg>; rel=preload; as="image", </feature-slides/github-sync.jpeg>; rel=preload; as="image", </feature-slides/uml-3.png>; rel=preload; as="image", </feature-slides/uml-2.png>; rel=preload; as="image", </feature-slides/uml-1.png>; rel=preload; as="image", </feature-slides/profile.jpeg>; rel=preload; as="image" x-middleware-rewrite: /en
Recommendations
Enable compression (gzip/brotli) to improve performance
Consider removing X-Powered-By header to hide server technology