Open
Cached
·
just now
23
Headers
Detected Technologies from Headers
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=63072000; includeSubDomains; preload
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
geolocation=(), microphone=(), camera=(); +1 more
Recommendations
- • Strengthen CSP by removing 'unsafe-eval'
Performance Headers
Connection
close
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
connection: close transfer-encoding: chunked vary: Accept-Encoding, Origin
Caching Headers
Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
Content Headers
Content-Type
text/html; charset=utf-8
content-type: text/html; charset=utf-8
Server Headers
Server
CloudFront
X-Powered-By
Next.js
server: CloudFront x-powered-by: Next.js
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Alt-Svc
h3=":443"; ma=86400
Date
Mon, 11 May 2026 16:24:37 GMT
Link
URL
/
rel=preconnect
crossorigin
URL
/_next/static/chunks/08wr3pg64c_bu.css
/_next/static/chunks/08wr3pg64c_bu.css
rel=preload
as=style
nonce=Fcshq/LCeQK+XMXxcM6yRA==
URL
/_next/static/chunks/02aaju2zak8xk.css
/_next/static/chunks/02aaju2zak8xk.css
rel=preload
as=style
nonce=Fcshq/LCeQK+XMXxcM6yRA==
URL
/_next/static/chunks/0-cttujn58o-h.css
/_next/static/chunks/0-cttujn58o-h.css
rel=preload
as=style
nonce=Fcshq/LCeQK+XMXxcM6yRA==
URL
/
rel=preconnect
crossorigin
URL
/_next/static/chunks/08wr3pg64c_bu.css
/_next/static/chunks/08wr3pg64c_bu.css
rel=preload
as=style
nonce=Fcshq/LCeQK+XMXxcM6yRA==
URL
/_next/static/chunks/02aaju2zak8xk.css
/_next/static/chunks/02aaju2zak8xk.css
rel=preload
as=style
nonce=Fcshq/LCeQK+XMXxcM6yRA==
URL
/_next/static/chunks/0-cttujn58o-h.css
/_next/static/chunks/0-cttujn58o-h.css
rel=preload
as=style
nonce=Fcshq/LCeQK+XMXxcM6yRA==
URL
/_next/static/chunks/0~w0fkhb8yreu.css
/_next/static/chunks/0~w0fkhb8yreu.css
rel=preload
as=style
nonce=Fcshq/LCeQK+XMXxcM6yRA==
Reporting-Endpoints
csp-endpoint="https://o1173271.ingest.us.sentry.io/api/4508291465019392/security/?sentry_key=3f46987d79d04169ed70e6ddfb902171"
Via
1.1 3c6bb832c5323be7cf066aba5d1e22ea.cloudfront.net (CloudFront)
X-Amz-Cf-Id
j_XcuYu1KU1CFOU9Ln8TfT3xU2hm5-zv9TZG6RsRPrMW6HeXHbz2zA==
X-Amz-Cf-Pop
IAD55-P6
X-Cache
Miss from cloudfront
alt-svc: h3=":443"; ma=86400 date: Mon, 11 May 2026 16:24:37 GMT link: </>; rel=preconnect; crossorigin="", </_next/static/chunks/08wr3pg64c_bu.css>; rel=preload; as="style"; nonce="Fcshq/LCeQK+XMXxcM6yRA==", </_next/static/chunks/02aaju2zak8xk.css>; rel=preload; as="style"; nonce="Fcshq/LCeQK+XMXxcM6yRA==", </_next/static/chunks/0-cttujn58o-h.css>; rel=preload; as="style"; nonce="Fcshq/LCeQK+XMXxcM6yRA==", </_next/static/chunks/0~w0fkhb8yreu.css>; rel=preload; as="style"; nonce="Fcshq/LCeQK+XMXxcM6yRA==" reporting-endpoints: csp-endpoint="https://o1173271.ingest.us.sentry.io/api/4508291465019392/security/?sentry_key=3f46987d79d04169ed70e6ddfb902171" via: 1.1 3c6bb832c5323be7cf066aba5d1e22ea.cloudfront.net (CloudFront) x-amz-cf-id: j_XcuYu1KU1CFOU9Ln8TfT3xU2hm5-zv9TZG6RsRPrMW6HeXHbz2zA== x-amz-cf-pop: IAD55-P6 x-cache: Miss from cloudfront
Recommendations
Enable compression (gzip/brotli) to improve performance
Consider removing X-Powered-By header to hide server technology