Open
Cached
·
just now
16
Headers
Detected Technologies from Headers
PayPal
HTML Load
Google AdSense
Google Maps
Google Tag Manager
Bing
Google reCAPTCHA
Sift
Braintree
Sardine
AppsFlyer
Fullstory
Reddit
Plaid
Google DoubleClick
Google Analytics
Google Conversion Tracking
Cloudflare CDN
Google Static File Front End
Google API JS Client
Socure
TikTok Analytics
Google Fonts
Twitter
LinkedIn
Zendesk
Google Search
Facebook
Snapchat
Entrust Identity Verification
MNTN
Microsoft Clarity
Sentry
Google Cloud
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=15552000; includeSubDomains; preload;
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Connection
close
Transfer-Encoding
chunked
Vary
Accept, Refresh-Only,Origin
connection: close transfer-encoding: chunked vary: Accept, Refresh-Only,Origin
Caching Headers
No caching headers found
Content Headers
Content-Type
text/html; charset=UTF-8
content-type: text/html; charset=UTF-8
Server Headers
Server
cloudflare
server: cloudflare
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Cf-Cache-Status
DYNAMIC
Cf-Ray
9f264bbacae1f685-IAD
Date
Sun, 26 Apr 2026 14:32:15 GMT
X-Include-Csp
recaptcha.contentSecurityPolicy
cf-cache-status: DYNAMIC cf-ray: 9f264bbacae1f685-IAD date: Sun, 26 Apr 2026 14:32:15 GMT x-include-csp: recaptcha.contentSecurityPolicy
Recommendations
Enable compression (gzip/brotli) to improve performance
Add Cache-Control header to optimize caching