Open
Cached
·
just now
17
Headers
Detected Technologies from Headers
Gravatar
Amazon Advertising
AMP
Auth0
Amazon S3
BootstrapCDN
Cloudflare CDNJS
Google AdSense
Google Analytics
Google Conversion Tracking
Google DoubleClick
Google Search
Google Tag Manager
jQuery
jQuery Migrate
jsDelivr
List.js
New Relic
PubMatic
Stripe
TripleLift
Twitter
WordPress
Google Cloud Storage
Underscore.js
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=15552000; includeSubDomains
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Present
origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Connection
close
Vary
Accept-Encoding
connection: close vary: Accept-Encoding
Caching Headers
Etag
W/"aa9f-G1aX1MYdTH0ChcanUGTOErqx0/k"
etag: W/"aa9f-G1aX1MYdTH0ChcanUGTOErqx0/k"
Content Headers
Content-Length
43679
Content-Type
text/html; charset=utf-8
content-length: 43679 content-type: text/html; charset=utf-8
Server Headers
No server headers found
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Date
Mon, 04 May 2026 06:04:26 GMT
X-Dns-Prefetch-Control
off
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
date: Mon, 04 May 2026 06:04:26 GMT x-dns-prefetch-control: off x-download-options: noopen x-permitted-cross-domain-policies: none
Recommendations
Enable compression (gzip/brotli) to improve performance
Add Cache-Control header to optimize caching