Web response audit
vercel.app HTTP headers
SEO page with a cached HTTP response header and security signals check.
Results
Status
200
Final URL
https://vercel.com
Accept-Ch
Sec-CH-Prefers-Color-Scheme
Age
15
Cache-Control
public, max-age=0, must-revalidate
Content-Security-Policy
default-src 'self' vercel.com *.vercel.com assets.vercel.com *.vercel.sh vercel.live wss://*.vercel.com *.codesandbox.io localhost:* chrome-extension://* https://www.youtube-nocookie.com https://risk.clearbit.com https://react-tweet.vercel.app/*;script-src 'self' 'unsafe-eval' 'unsafe-inline' 'inline-speculation-rules' https://snap.licdn.com https://www.youtube.com cdn.vercel-insights.com va.vercel-scripts.com vercel.com *.vercel.com assets.vercel.com *.vercel.sh vercel.live wss://*.vercel.com *.codesandbox.io localhost:* chrome-extension://* https://www.youtube-nocookie.com https://risk.clearbit.com https://react-tweet.vercel.app/* cdp.vercel.com;style-src 'self' 'unsafe-inline' vercel.com *.vercel.com assets.vercel.com *.vercel.sh vercel.live wss://*.vercel.com *.codesandbox.io localhost:* chrome-extension://* https://www.youtube-nocookie.com https://risk.clearbit.com https://react-tweet.vercel.app/*;img-src 'self' blob: data: *.github.io avatars.githubusercontent.com user-images.githubusercontent.com vercel.com vercel.live *.vercel.sh assets.vercel.com cdn.raster.app https://images.ctfassets.net https://www.google.com https://i.ytimg.com https://s3.amazonaws.com pbs.twimg.com https://www.gravatar.com https://lishhsx6kmthaacj.public.blob.vercel-storage.com;media-src 'self' blob: data: vercel.com *.vercel.com assets.vercel.com *.vercel.sh vercel.live wss://*.vercel.com *.codesandbox.io localhost:* chrome-extension://* https://www.youtube-nocookie.com https://risk.clearbit.com https://react-tweet.vercel.app/*;connect-src 'self' data: *.ingest.sentry.io *.ingest.us.sentry.io wss://ws-us3.pusher.com sockjs-use3.pusher.com react-tweet.vercel.app https://*.contentful.com www.vercel-status.com unpkg.com vercel.com *.vercel.com assets.vercel.com *.vercel.sh vercel.live wss://*.vercel.com *.codesandbox.io localhost:* chrome-extension://* https://www.youtube-nocookie.com https://risk.clearbit.com https://react-tweet.vercel.app/* cdp.vercel.com;font-src 'self' vercel.com assets.vercel.com vercel.live fonts.gstatic.com *.vercel.sh;frame-ancestors 'self' https://vercel.com https://app.contentful.com https://*.contentful.com https://*.vercel.sh https://*.vercel.com
Content-Type
text/html; charset=utf-8
Critical-Ch
Sec-CH-Prefers-Color-Scheme
Date
Thu, 11 Jun 2026 12:58:55 GMT
Etag
W/"ipn5qjt80hh5t0"
Feature-Policy
fullscreen 'self'; camera 'none'
Referrer-Policy
origin-when-cross-origin
Server
Vercel
Set-Cookie
_v-consent=%7B%22essential%22%3Atrue%2C%22analytics%22%3Atrue%2C%22marketing%22%3Atrue%2C%22functional%22%3Atrue%2C%22version%22%3A1%7D; Path=/; Max-Age=31536000; SameSite=Lax; Secure; Domain=.vercel.com, _v-anonymous-id=XVUnRLvikb2IgEBjwxSTv; Path=/; Max-Age=7776000; SameSite=Lax; Secure; Domain=.vercel.com, _v-anonymous-id-renewed=1; Path=/; Max-Age=86400; SameSite=Lax; Secure; Domain=.vercel.com
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch
X-Content-Type-Options
nosniff
X-Dns-Prefetch-Control
on
X-Download-Options
noopen
X-Frame-Options
DENY
X-Matched-Path
/precomputed/exp~eyJhbGciOiJIUzI1NiJ9._f4.Ka72W-xsYOlFxo9w9n45YVXqCf4mVZXqPqfkYRrKJYI/home/eyJhbGciOiJIUzI1NiJ9.AP0.oDQI2EkCFdUQ415KgLa3n_hyMf3VcwoCDGS6Q-Fgk5w/regular
X-Nextjs-Prerender
1
X-Nextjs-Stale-Time
300
X-Pathname
/
X-Powered-By
Next.js, Payload
X-Vercel-Cache
HIT
X-Vercel-Id
cdg1::iad1::c2nmf-1781182751492-b0708d4e835f
X-Xss-Protection
0