Open
Cached
·
just now
19
Headers
Detected Technologies from Headers
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
X-Frame-Options
Present
ALLOW-FROM self *.vandewiele.prod.digitalpulse.dev vandewiele.stag.digitalpulse.dev *.vandewiele.stag.digitalpulse.dev vandewiele.com *.vandewiele.com aros.se barattocornely.com bejimac.com bmsvision.com bonas.be cobble.co.uk iroab.com loepfe.com memminger-iro.com mesdan.it protechna.de roj.com www.saviospa.com superba.com vandewiele.se vigan.com titansew.com vandewiele-tufting.com
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Present
no-referrer-when-downgrade, strict-origin-when-cross-origin
Permissions-Policy
Present
geolocation=(self), microphone=()
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
Performance Headers
Connection
close
Transfer-Encoding
chunked
Vary
Accept-Encoding
connection: close transfer-encoding: chunked vary: Accept-Encoding
Caching Headers
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Pragma
no-cache
cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache
Content Headers
Content-Type
text/html; charset=UTF-8
content-type: text/html; charset=UTF-8
Server Headers
Server
nginx
X-Powered-By
SEOmatic
server: nginx x-powered-by: SEOmatic
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Date
Tue, 09 Jun 2026 20:41:48 GMT
X-Robots-Tag
none
date: Tue, 09 Jun 2026 20:41:48 GMT x-robots-tag: none
Recommendations
Enable compression (gzip/brotli) to improve performance
Consider removing X-Powered-By header to hide server technology