DNS Gurus
Cached · just now
16 Headers

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

Performance Headers

3 headers
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding

Caching Headers

1 headers
Cache-Control
Caching
public, max-age=300, s-maxage=600, stale-while-revalidate=300, stale-if-error=300

Content Headers

1 headers
Content-Type
Content
text/html; charset=utf-8

Server Headers

1 headers
Server
Server
cloudflare

CORS Headers

0 headers
No CORS headers found

Cookies Headers

1 headers
Set-Cookie
Cookies
__cf_bm=_IEeYd4_QMVoo08m6yzT0chRdsk__gcLSFbDgS6a7Qw-1767354449-1.0.1.1-PJPZsoFp5OpqaZ7vhH4wSpwLf6ea7aT573sF30HjhZqSwlfQLrgmHKdrfX5m851WHb8ABRvPlnKWl6gKc03Mgx4.lzFMHyUU2PjMjjCHW64; path=/; expires=Fri, 02-Jan-26 12:17:29 GMT; domain=.make.com; HttpOnly; Secure; SameSite=None

Other Headers

9 headers
Cf-Cache-Status
Other
DYNAMIC
Cf-Ray
Other
9b7a059a9f0e9c73-IAD
Content-Security-Policy-Report-Only
Other
default-src 'self' https://*.clarity.ms https://cdn.voiceflow.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.cookielaw.org https://*.greenhouse.io https://*.rudderlabs.com https://*.rudderstack.com https://*.google.com https://*.google.cz https://*.googletagmanager.com https://*.google-analytics.com https://*.googleapis.com https://*.facebook.net https://*.linkedin.com https://*.licdn.com https://*.redditstatic.com https://*.hubspot.com https://*.hsforms.net https://*.hs-scripts.com https://*.youtube.com https://*.ytimg.com https://*.voiceflow.com https://*.bing.com http://*.bing.com https://*.clarity.ms https://*.cloudflare.com https://*.smartsuppchat.com https://*.pardot.com sha256-70d2c43ed33cfa5488ea1af389285bb579db2e83705a137c47b5cff90904a2c9 https://growthbookapi.internal.integromat.org/api/features/sdk-1mYjPVNuxhcTysay; connect-src 'self' https://*.contentful.com https://*.ctfassets.net https://*.rudderlabs.com https://*.rudderstack.com https://*.google.com https://*.google.cz https://*.google-analytics.com https://*.googleadservices.com https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.linkedin.com https://*.reddit.com https://*.redditstatic.com https://*.hubspot.com https://*.hsforms.com https://*.greenhouse.io https://*.voiceflow.com wss://*.voiceflow.com https://*.onetrust.com https://*.cookielaw.org https://*.bing.com https://*.clarity.ms https://browser-intake-datadoghq.com https://*.smartsuppchat.com sha256-70d2c43ed33cfa5488ea1af389285bb579db2e83705a137c47b5cff90904a2c9 https://growthbookapi.internal.integromat.org/api/features/sdk-1mYjPVNuxhcTysay; img-src 'self' https://*.make.com data: blob: https://*.ctfassets.net https://*.contentful.com https://*.google.com https://www.google.cz https://*.googletagmanager.com https://*.google-analytics.com https://*.linkedin.com https://*.facebook.com https://*.pinterest.com https://*.reddit.com https://*.redditstatic.com https://*.hubspot.com https://*.youtube.com https://*.ytimg.com https://*.cookielaw.org https://*.bing.com https://*.glassdoor.com https://*.slack-edge.com https://*.amazonaws.com https://*.s3.amazonaws.com https://*.cookielaw.org https://*.clarity.ms https://*.doubleclick.net https://*.g.doubleclick.net https://*.voiceflow.com sha256-70d2c43ed33cfa5488ea1af389285bb579db2e83705a137c47b5cff90904a2c9; style-src 'self' 'unsafe-inline' https://*.googleapis.com https://*.cookielaw.org https://*.voiceflow.com; style-src-elem 'self' https://*.voiceflow.com https://*.pardot.com; font-src 'self' data: https://*.gstatic.com https://*.cookielaw.org https://*.voiceflow.com; frame-src 'self' https://*.youtube.com https://*.youtube-nocookie.com https://*.greenhouse.io https://*.hubspot.com https://*.hsforms.com https://*.googletagmanager.com https://*.make.com https://*.chameleon.io sha256-70d2c43ed33cfa5488ea1af389285bb579db2e83705a137c47b5cff90904a2c9; media-src 'self' https://*.ctfassets.net http://*.ctfassets.net; object-src 'none'; base-uri 'self'; form-action 'self' https://*.hubspot.com https://*.hsforms.com; frame-ancestors 'none'; block-all-mixed-content; upgrade-insecure-requests; report-to csp_report_endpoint
Date
Other
Fri, 02 Jan 2026 11:47:29 GMT
Link
Other
</_next/static/media/83afe278b6a6bb3c-s.p.3a6ba036.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2"
Reporting-Endpoints
Other
csp_report_endpoint="https://www.make.com/en/api/csp-reports"
X-Country
Other
US
X-Current-Path
Other
/en
X-Is-Geo-Location-Enabled
Other
false

Recommendations

Enable compression (gzip/brotli) to improve performance