Open
Cached
·
just now
24
Headers
Detected Technologies from Headers
Adobe Audience Manager
Amplitude
AWS
Amazon S3
Brightcove
Cloudflare CDN
Cloudflare CDNJS
Datadog
Envoy
Facebook
Google Analytics
Google API JS Client
Google Conversion Tracking
Google DoubleClick
Google Fonts
Google Optimize
Google Search
Google Sign-In
Google Tag Manager
Heap
Hotjar
Maze
Megaphone
Pinterest
Qualtrics
Segment
Snapchat
Taboola
Tealium
Twitter
YouTube
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=157680000
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer-when-downgrade
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Connection
close
Transfer-Encoding
chunked
Vary
Accept-Encoding
connection: close transfer-encoding: chunked vary: Accept-Encoding
Caching Headers
No caching headers found
Content Headers
Content-Type
text/html; charset=utf-8
content-type: text/html; charset=utf-8
Server Headers
Server
cloudflare
server: cloudflare
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Cf-Cache-Status
DYNAMIC
Cf-Ray
9f66d1cfddd01740-IAD
Date
Mon, 04 May 2026 10:28:36 GMT
Origin-Agent-Cluster
?1
Seek-Melways
true
X-Dns-Prefetch-Control
off
X-Download-Options
noopen
X-Envoy-Upstream-Service-Time
27
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
1c81e1c9-81dc-4d62-9ca1-0114db4c8d65
cf-cache-status: DYNAMIC cf-ray: 9f66d1cfddd01740-IAD date: Mon, 04 May 2026 10:28:36 GMT origin-agent-cluster: ?1 seek-melways: true x-dns-prefetch-control: off x-download-options: noopen x-envoy-upstream-service-time: 27 x-permitted-cross-domain-policies: none x-request-id: 1c81e1c9-81dc-4d62-9ca1-0114db4c8d65
Recommendations
Enable compression (gzip/brotli) to improve performance
Add Cache-Control header to optimize caching