Open
Cached
·
just now
24
Headers
Detected Technologies from Headers
AWS API Gateway
Google AdSense
HubSpot Video
Google Tag Manager
RevenueHero
Netlify
Scarf
HubSpot Forms
HubSpot Feedback & Surveys
Google DoubleClick
Google Analytics
Google Conversion Tracking
ClearBit
Cloudflare CDN
Google Static File Front End
Ghost
Next.js
Google Fonts
Twitter
Hotjar
LinkedIn
HubSpot CMS
HubSpot Analytics
Google Search
Facebook
Amazon S3
GitHub
Active incidents
Adobe Fonts (Typekit)
Cloudflare CDNJS
AWS
IP-API
HubSpot
YouTube
HubSpot Live Chat
Sentry
jsDelivr
Google Cloud
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
X-Frame-Options
Good
sameorigin
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
accelerometer=(self), autoplay=(self "https://www.youtube.com"), camera=(self); +8 more
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
Performance Headers
Connection
close
Transfer-Encoding
chunked
Vary
Accept-Encoding
connection: close transfer-encoding: chunked vary: Accept-Encoding
Caching Headers
Age
100475
Cache-Control
public,max-age=0,must-revalidate
age: 100475 cache-control: public,max-age=0,must-revalidate
Content Headers
Content-Type
text/html; charset=utf-8
content-type: text/html; charset=utf-8
Server Headers
Server
cloudflare
X-Powered-By
Next.js
server: cloudflare x-powered-by: Next.js
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Cache-Status
"Netlify Edge"; hit
Cf-Cache-Status
DYNAMIC
Cf-Ray
9f49cb5b9d10e5eb-IAD
Date
Thu, 30 Apr 2026 21:56:05 GMT
Netlify-Vary
query=__nextDataReq|_rsc,header=x-nextjs-data|x-next-debug-logging|next-router-prefetch|next-router-segment-prefetch|next-router-state-tree|next-url|rsc|accept-encoding,cookie=__prerender_bypass|__next_preview_data
Report-To
Group
csp-endpoint
max-age: 18w
Reporting-Endpoints
csp-endpoint="https://o4511099878637568.ingest.de.sentry.io/api/4511134031937616/security/?sentry_key=64999a84abc3469206792e982d195c43"
X-Mysticeti
eC5DRo9sohLoSIudKcwSqYcvdcsvEcHj
X-Nextjs-Date
Wed, 29 Apr 2026 18:01:59 GMT
X-Nf-Request-Id
01KQG68NADY3MYKDEH87DYJZN8
cache-status: "Netlify Edge"; hit
cf-cache-status: DYNAMIC
cf-ray: 9f49cb5b9d10e5eb-IAD
date: Thu, 30 Apr 2026 21:56:05 GMT
netlify-vary: query=__nextDataReq|_rsc,header=x-nextjs-data|x-next-debug-logging|next-router-prefetch|next-router-segment-prefetch|next-router-state-tree|next-url|rsc|accept-encoding,cookie=__prerender_bypass|__next_preview_data
report-to: {"group":"csp-endpoint","max_age":10886400,"endpoints":[{"url":"https://o4511099878637568.ingest.de.sentry.io/api/4511134031937616/security/?sentry_key=64999a84abc3469206792e982d195c43"}],"include_subdomains":true}
reporting-endpoints: csp-endpoint="https://o4511099878637568.ingest.de.sentry.io/api/4511134031937616/security/?sentry_key=64999a84abc3469206792e982d195c43"
x-mysticeti: eC5DRo9sohLoSIudKcwSqYcvdcsvEcHj
x-nextjs-date: Wed, 29 Apr 2026 18:01:59 GMT
x-nf-request-id: 01KQG68NADY3MYKDEH87DYJZN8
Recommendations
Enable compression (gzip/brotli) to improve performance
Consider removing X-Powered-By header to hide server technology