Open
Cached
·
just now
14
Headers
Detected Technologies from Headers
AWS CloudFront
Adalyser
Microsoft Advertising
Contentful
Facebook
GetSiteControl
Google Analytics
Google Conversion Tracking
Google DoubleClick
Google Optimize
Google reCAPTCHA
Google Search
Google Static File Front End
Google Tag Manager
Hotjar
LinkedIn
Mixpanel
Next.js
Outbrain
Quora
TikTok Analytics
Twitter
unpkg
Vimeo
Visual Website Optimizer
YouTube
Zendesk
Google Cloud
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
geolocation=(), microphone=()
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
Performance Headers
Connection
close
Vary
Accept-Encoding
connection: close vary: Accept-Encoding
Caching Headers
Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate
Etag
"xkjql2w35uaa9"
cache-control: private, no-cache, no-store, max-age=0, must-revalidate etag: "xkjql2w35uaa9"
Content Headers
Content-Length
13347
Content-Type
text/html; charset=utf-8
content-length: 13347 content-type: text/html; charset=utf-8
Server Headers
X-Powered-By
Next.js
x-powered-by: Next.js
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Date
Tue, 12 May 2026 14:57:12 GMT
date: Tue, 12 May 2026 14:57:12 GMT
Recommendations
Enable compression (gzip/brotli) to improve performance
Consider removing X-Powered-By header to hide server technology