Open
Cached
·
just now
27
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
Good
default-src; base-uri; object-src; +11 more
default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self' statusbrew.co.jp *.statusbrew.co.jp statusbrew.com *.statusbrew.com *.prismic.io; script-src 'self' 'unsafe-inline' *.statusbrew.com capi-automation.s3.us-east-2.amazonaws.com prismic.io *.prismic.io www.google.com www.googletagmanager.com googleads.g.doubleclick.net *.google-analytics.com js.intercomcdn.com widget.intercom.io cdn.amplitude.com plausible.io connect.facebook.net snap.licdn.com fast.wistia.com cdn.segment.com *.hotjar.com *.calendly.com *.cookiebot.com webforms.pipedrive.com *.pipedriveassets.com *.sentry-cdn.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src data: blob: https:; font-src 'self' data: https:; connect-src 'self' https: wss:; frame-src 'self' brew.prismic.io fast.wistia.com fast.wistia.net *.googletagmanager.com *.doubleclick.net *.facebook.com www.youtube.com widget.intercom.io js.stripe.com calendly.com consentcdn.cookiebot.com *.pipedrive.com; media-src 'self' data: https: blob:; worker-src 'self' blob:; upgrade-insecure-requests; report-to csp-endpoint
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
camera=(), microphone=(), geolocation=()
Recommendations
- • Strengthen CSP by removing 'unsafe-eval'
Performance Headers
3 headers
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
Accept-Encoding
Caching Headers
1 headers
Cache-Control
Caching
private, no-cache, no-store, max-age=0, must-revalidate
Content Headers
1 headers
Content-Type
Content
text/html; charset=utf-8
Server Headers
1 headers
Server
Server
Apache
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
NEXT_LOCALE=en-us; Path=/; SameSite=lax
Other Headers
10 headers
Alt-Svc
Other
h3=":443"; ma=86400
Date
Other
Sat, 24 Jan 2026 05:07:28 GMT
Link
Other
</_next/static/media/1755441e3a2fa970-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/media/5c0c2bcbaa4149ca-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2"
Report-To
Other
{"group":"csp-endpoint","max_age":10886400,"endpoints":[{"url":"https://report.centralcsp.com/68f0c43b254a551f4e91b0e0"}],"include_subdomains":true}
Reporting-Endpoints
Other
csp-endpoint="https://report.centralcsp.com/68f0c43b254a551f4e91b0e0"
Via
Other
1.1 0dc812a83c1e947b351f1eb1761c3c94.cloudfront.net (CloudFront)
X-Amz-Cf-Id
Other
xYInBoL-mnAQK5fDMmE0eeORIE6SR1zkeY_9OX38FmkX2qFm4tv-7Q==
X-Amz-Cf-Pop
Other
IAD61-P12
X-Cache
Other
Miss from cloudfront
X-Middleware-Rewrite
Other
/en-us
Recommendations
Enable compression (gzip/brotli) to improve performance