Open
Cached
·
just now
16
Headers
Detected Technologies from Headers
Apache
Microsoft Advertising
Contentsquare
Drift
Facebook
Google Analytics
Google Conversion Tracking
Google DoubleClick
Google Fonts
Google Search
Google Static File Front End
Google Tag Manager
Hotjar
HubSpot
HubSpot Analytics
HubSpot Forms
HubSpot Live Chat
jsDelivr
LinkedIn
OneTrust
PHP
Salesforce Pardot
SalesLoft
Stripe
Vimeo
YouTube
Google Cloud
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=63072000; includeSubDomains; preload
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Connection
close
Transfer-Encoding
chunked
Vary
Accept-Encoding
connection: close transfer-encoding: chunked vary: Accept-Encoding
Caching Headers
Cache-Control
no-store, no-cache, must-revalidate, no-transform
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
cache-control: no-store, no-cache, must-revalidate, no-transform expires: Thu, 19 Nov 1981 08:52:00 GMT pragma: no-cache
Content Headers
Content-Type
text/html; charset=UTF-8
content-type: text/html; charset=UTF-8
Server Headers
Server
Apache
X-Powered-By
PHP/8.0.30
server: Apache x-powered-by: PHP/8.0.30
CORS Headers
No CORS headers found
Cookies Headers
Set-Cookie
PHPSESSID
266ou1l3vtrqe0fla9ksk71afc
266ou1l3vtrqe0fla9ksk71afc
path=/
secure
HttpOnly
Other Headers
Date
Tue, 31 Mar 2026 07:25:38 GMT
date: Tue, 31 Mar 2026 07:25:38 GMT
Recommendations
Enable compression (gzip/brotli) to improve performance
Consider removing X-Powered-By header to hide server technology