Open
Cached
·
just now
20
Headers
Detected Technologies from Headers
AWS CloudFront
Google Tag Manager
Brightcove
Formulayt
Google Cloud Run
Sift
Iterable
AppNexus (Xandr)
Guideflow
Fullstory
Google Translate
Netlify
Active incidents
Reddit
Active incidents
Webflow
Midbound Cloud
Yahoo
Forter
Liveramp
DocuSign
Google DoubleClick
Google Analytics
Microsoft Advertising
Google Conversion Tracking
Arkose Labs
Knotch
Mixpanel
Google Cloud Storage
Google Static File Front End
Next.js
Yellow.ai
Google Fonts
Twitter
Qualtrics
LinkedIn
Contentful
Inbenta
Influ2
Drift
unpkg
Google Search
Demandbase
Facebook
Amazon S3
Sierra
StackAdapt
OneTrust
Adobe Fonts (Typekit)
Cloudflare CDNJS
AWS
Active incidents
Oracle Eloqua
Taboola
SimplyCodes
Rubicon Project
TechTarget
Akamai
Cloudflare Images
YouTube
The Trade Desk
Optimizely
Sentry
jsDelivr
Google Cloud
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy-Report-Only
Basic
default-src; script-src; script-src-elem; +11 more
Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Connection
close
Transfer-Encoding
chunked
Vary
Accept-Encoding
connection: close transfer-encoding: chunked vary: Accept-Encoding
Caching Headers
Age
6028
Cache-Control
public,max-age=0,must-revalidate
Etag
"15d4txu9z1i7tu2-df"
age: 6028 cache-control: public,max-age=0,must-revalidate etag: "15d4txu9z1i7tu2-df"
Content Headers
Content-Type
text/html; charset=utf-8
content-type: text/html; charset=utf-8
Server Headers
Server
Netlify
X-Powered-By
Next.js
server: Netlify x-powered-by: Next.js
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Cache-Status
"Netlify Edge"; hit, "Next.js"; hit, "Netlify Durable"; fwd=bypass, "Netlify Edge"; fwd=miss;detail=p1, "Netlify Edge"; hit;detail=p2
Date
Sun, 10 May 2026 07:52:17 GMT
Netlify-Vary
query=__nextDataReq|_rsc,header=x-nextjs-data|x-next-debug-logging|next-router-prefetch|next-router-segment-prefetch|next-router-state-tree|next-url|rsc,cookie=__prerender_bypass|__next_preview_data
Reporting-Endpoints
csp-endpoint="https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub033a4bd2653ce2d11bc27e52920c440e&dd-evp-origin=content-security-policy&ddsource=csp-report"
X-Nextjs-Date
Sun, 10 May 2026 06:13:39 GMT
X-Nf-Request-Id
01KR8DYSMSYS8A2P89E8HBTRVS
cache-status: "Netlify Edge"; hit, "Next.js"; hit, "Netlify Durable"; fwd=bypass, "Netlify Edge"; fwd=miss;detail=p1, "Netlify Edge"; hit;detail=p2 date: Sun, 10 May 2026 07:52:17 GMT link: <https://docucdn-a.akamaihd.net>; rel="preconnect" netlify-vary: query=__nextDataReq|_rsc,header=x-nextjs-data|x-next-debug-logging|next-router-prefetch|next-router-segment-prefetch|next-router-state-tree|next-url|rsc,cookie=__prerender_bypass|__next_preview_data reporting-endpoints: csp-endpoint="https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub033a4bd2653ce2d11bc27e52920c440e&dd-evp-origin=content-security-policy&ddsource=csp-report" x-nextjs-date: Sun, 10 May 2026 06:13:39 GMT x-nf-request-id: 01KR8DYSMSYS8A2P89E8HBTRVS
Recommendations
Enable compression (gzip/brotli) to improve performance
Consider removing X-Powered-By header to hide server technology