Open
Cached
·
just now
15
Headers
Detected Technologies from Headers
AWS CloudFront
AWS
Active incidents
Amazon S3
Drift
Active incidents
Fullstory
Google Analytics
Google API JS Client
Google Fonts
Google reCAPTCHA
Google Search
Google Sign-In
Intercom
Mixpanel
Active incidents
Pendo
Active incidents
Qualtrics
Vimeo
Visual Website Optimizer
Wistia
YouTube
Google Cloud Storage
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Connection
close
Transfer-Encoding
chunked
Vary
Accept-Encoding
connection: close transfer-encoding: chunked vary: Accept-Encoding
Caching Headers
Cache-Control
no-store, no-cache, must-revalidate
Expires
Thu, 01 Jan 1970 00:00:00 UTC
Pragma
no-cache
cache-control: no-store, no-cache, must-revalidate expires: Thu, 01 Jan 1970 00:00:00 UTC pragma: no-cache
Content Headers
Content-Type
text/html;charset=UTF-8
content-type: text/html;charset=UTF-8
Server Headers
Server
ChargeBee
server: ChargeBee
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Date
Wed, 13 May 2026 20:13:08 GMT
X-Robots-Tag
noindex, nofollow, noarchive, nosnippet
date: Wed, 13 May 2026 20:13:08 GMT x-robots-tag: noindex, nofollow, noarchive, nosnippet
Recommendations
Enable compression (gzip/brotli) to improve performance