Open
Cached
·
just now
14
Headers
Detected Technologies from Headers
AWS CloudFront
Gravatar
ASP.NET
Bing
Cloudflare CDNJS
Oracle Eloqua
Facebook
GitHub
Google Analytics
Google API JS Client
Google Conversion Tracking
Google DoubleClick
Google Fonts
Google Maps
Google Search
Google Static File Front End
Google Tag Manager
Google Translate
Hotjar
Kestrel
Moz
Salesforce Cloud
Sentry
Wistia
YouTube
Google Cloud
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
X-Frame-Options
Good
SameOrigin
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer
Permissions-Policy
Present
camera=(), display-capture=(), fullscreen=(); +3 more
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
Performance Headers
Connection
close
Transfer-Encoding
chunked
connection: close transfer-encoding: chunked
Caching Headers
No caching headers found
Content Headers
Content-Type
text/html; charset=utf-8
content-type: text/html; charset=utf-8
Server Headers
Server
Kestrel
X-Powered-By
ASP.NET
server: Kestrel x-powered-by: ASP.NET
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Date
Sun, 10 May 2026 01:22:41 GMT
date: Sun, 10 May 2026 01:22:41 GMT
Recommendations
Enable compression (gzip/brotli) to improve performance
Add Cache-Control header to optimize caching
Consider removing X-Powered-By header to hide server technology