Open
Cached
·
just now
21
Headers
Detected Technologies from Headers
ASP.NET
Cloudflare CDN
Cloudflare CDNJS
Cloudflare Web Analytics
Facebook
Google Analytics
Google Conversion Tracking
Google DoubleClick
Google Fonts
Google Maps
Google Search
Google Static File Front End
Google Tag Manager
jQuery
jsDelivr
List.js
Salesforce Sites
TikTok Analytics
unpkg
Yandex
Google Cloud
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Connection
close
Transfer-Encoding
chunked
connection: close transfer-encoding: chunked
Caching Headers
Cache-Control
private
Expires
Fri, 27 Mar 2026 22:24:55 GMT
cache-control: private expires: Fri, 27 Mar 2026 22:24:55 GMT
Content Headers
Content-Type
text/html
content-type: text/html
Server Headers
Server
cloudflare
X-Powered-By
ASP.NET
server: cloudflare x-powered-by: ASP.NET
CORS Headers
Access-Control-Allow-Headers
*
Access-Control-Allow-Methods
*
Access-Control-Allow-Origin
*
access-control-allow-headers: * access-control-allow-methods: * access-control-allow-origin: *
Cookies Headers
Set-Cookie
AWSALB
XtneU5E+XaanfJHMZgy+xlEzBmqodZrozN+JOIWJTLdmdBQCojmVdcbUbcu+wGot6/PcTGNKNm+S5kSVYdLYD2EwMCTWqFiMZfHVbQM8pvl0NJSGZeoQmYqMjOfC
XtneU5E+XaanfJHMZgy+xlEzBmqodZrozN+JOIWJTLdmdBQCojmVdcbUbcu+wGot6/PcTGNKNm+S5kSVYdLYD2EwMCTWqFiMZfHVbQM8pvl0NJSGZeoQmYqMjOfC
Path=/
Expires=6d
AWSALBCORS
XtneU5E+XaanfJHMZgy+xlEzBmqodZrozN+JOIWJTLdmdBQCojmVdcbUbcu+wGot6/PcTGNKNm+S5kSVYdLYD2EwMCTWqFiMZfHVbQM8pvl0NJSGZeoQmYqMjOfC
XtneU5E+XaanfJHMZgy+xlEzBmqodZrozN+JOIWJTLdmdBQCojmVdcbUbcu+wGot6/PcTGNKNm+S5kSVYdLYD2EwMCTWqFiMZfHVbQM8pvl0NJSGZeoQmYqMjOfC
Path=/
SameSite=None
Secure
Expires=6d
ASP.NET_SessionId
a1e15pxivfmnz1xazovvkhcv
a1e15pxivfmnz1xazovvkhcv
path=/
SameSite=Lax
secure
HttpOnly
Other Headers
Alt-Svc
h3=":443"; ma=86400
Cf-Cache-Status
DYNAMIC
Cf-Ray
9e3176f7b919d62c-IAD
Date
Fri, 27 Mar 2026 21:24:56 GMT
Server-Timing
cfCacheStatus;desc="DYNAMIC", cfEdge;dur=38,cfOrigin;dur=453
Speculation-Rules
"/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400 cf-cache-status: DYNAMIC cf-ray: 9e3176f7b919d62c-IAD date: Fri, 27 Mar 2026 21:24:56 GMT server-timing: cfCacheStatus;desc="DYNAMIC", cfEdge;dur=38,cfOrigin;dur=453 speculation-rules: "/cdn-cgi/speculation"
Recommendations
Enable compression (gzip/brotli) to improve performance
Consider removing X-Powered-By header to hide server technology