27 Headers

HTTP Security Headers

| Header | Status | Value |
| --- | --- | --- |
| Strict-Transport-Security | Excellent | max-age=31536000; includeSubDomains; preload |
| Content-Security-Policy | Missing | Not configured |
| X-Frame-Options | Excellent | DENY |
| X-Content-Type-Options | Good | nosniff |
| Referrer-Policy | Good | no-referrer-when-downgrade |
| Permissions-Policy | Missing | Not configured |

Recommendations
  • Add Content-Security-Policy header to prevent XSS attacks
  • Consider adding Permissions-Policy to control browser features

Performance Headers

3 headers
| Header | Category | Value |
| --- | --- | --- |
| Connection | Performance | keep-alive |
| Transfer-Encoding | Performance | chunked |
| Vary | Performance | Accept-Encoding |

Caching Headers

3 headers
| Header | Category | Value |
| --- | --- | --- |
| Age | Caching | 15978 |
| Cache-Control | Caching | public, max-age=0, must-revalidate |
| Last-Modified | Caching | Fri, 10 Oct 2025 22:39:24 GMT |

Content Headers

1 header

| Header | Category | Value |
| --- | --- | --- |
| Content-Type | Content | text/html |

Server Headers

1 header

| Header | Category | Value |
| --- | --- | --- |
| Server | Server | cloudflare |

CORS Headers

3 headers
| Header | Category | Value |
| --- | --- | --- |
| Access-Control-Allow-Headers | CORS | * |
| Access-Control-Allow-Methods | CORS | GET, HEAD, OPTIONS |
| Access-Control-Allow-Origin | CORS | * |

Cookies Headers

1 header

| Header | Category | Value |
| --- | --- | --- |
| Set-Cookie | Cookies | _cfuvid=zTQ_XuDAUaxSqWh83.gaueNYpYRR_WcuaCahwiTXfIo-1762658046153-0.0.1.1-604800000; path=/; domain=.postman.com; HttpOnly; Secure; SameSite=None |

Other Headers

10 headers
| Header | Category | Value |
| --- | --- | --- |
| Cf-Cache-Status | Other | DYNAMIC |
| Cf-Ray | Other | 99ba2354093bd64f-IAD |

Content-Security-Policy-Report-Only
Other
default-src 'self' data: blob: https://067-umd-991.mktoresp.com https://accounts.google.com https://analytics.google.com https://api.amplitude.com https://bi-beta.pst.tech https://bi.pst.tech https://bifrost-https-v4.gw.postman.com https://blog.postman.com https://dl.pstmn.io https://eo2kpuahxhuvgexlueall7gqzq0fihon.lambda-url.us-east-1.on.aws https://events.gw.postman.com https://events.rm-api.com https://googleads.g.doubleclick.net https://www.googleadservices.com https://identity.getpostman-beta.com https://identity.getpostman.com https://lp.postman.com https://munchkin.marketo.net https://pages.getpostman.com https://public.slidesharecdn.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://manifest.webmanifest https://ms1frkqnsp7r.statuspage.io https://run.pstmn.io https://script.hotjar.com https://skills-assets.pstmn.io https://st-ar.cdn.postman.com https://static.cloudflareinsights.com https://static.hotjar.com https://stats.g.doubleclick.net https://td.doubleclick.net https://vc.hotjar.io https://voyager.postman.com https://web.postman.com https://www.googletagmanager.com https://www.slideshare.net https://snap.licdn.com https://www.google.com https://www.youtube.com https://youtube.com https://www.linkedin.com/px/ https://www.postman.com https://snap.licdn.com/ https://i.ytimg.com https://worldtimeapi.org https://maps.google.com https://dx.mountain.com https://px.mountain.com https://gs.mountain.com https://44.238.122.172 https://100.20.58.101 https://35.85.84.151 https://44.228.85.26 https://34.215.155.61 https://35.160.46.251 https://52.71.121.170 https://18.210.229.244 https://44.212.189.233 https://3.212.39.155 https://52.22.50.55 https://54.156.2.105 https://bam.nr-data.net https://js-agent.newrelic.com https://res.cloudinary.com https://mkt.cdn.postman.com https://api.mapbox.com https://events.mapbox.com https://api.fpjs.io https://cdn.amplitude.com https://api2.amplitude.com https://www.facebook.com https://connect.facebook.net 
https://bat.bing.com https://js.qualified.com wss://ws.qualified.com wss://ws2.qualified.com https://app.qualified.com https://api.company-target.com https://segments.company-target.com https://tag.demandbase.com https://tag-logger.demandbase.com https://s.company-target.com https://alb.reddit.com https://www.redditstatic.com https://pixel-config.reddit.com https://content.hotjar.io https://script.hotjar.com https://static.hotjar.com wss://ws.hotjar.com https://cdn.segment.com https://api.cdp.postman.com https://api.segment.io https://evs.cdp.postman.com https://www.influ2.com https://t.influ2.com https://a.usbrowserspeed.com https://pxl.growth-channel.net https://tags.srv.stackadapt.com https://job-boards.greenhouse.io https://transcend-cdn.com https://telemetry.us.transcend.io https://unpkg.com/[email protected] https://app.launchdarkly.com/ https://events.launchdarkly.com https://tally.so/ https://postman.outgrow.us/ https://api-n.outgrow.co https://t.co/ https://analytics.twitter.com https://static.ads-twitter.com/uwt.js https://id.rlcdn.com https://cdn.cr-relay.com https://accretivemedia.go2cloud.org https://fast.wistia.net https://fast.wistia.com https://embed-ssl.wistia.com https://distillery.wistia.com https://pipedream.wistia.com https://embed-cloudfront.wistia.com https://postman.cdn.prismic.io https://static.cdn.prismic.io https://postman.prismic.io https://browser.sentry-cdn.com 'unsafe-inline' 'unsafe-eval'; form-action 'self'; base-uri 'self';

| Header | Category | Value |
| --- | --- | --- |
| Date | Other | Sun, 09 Nov 2025 03:14:06 GMT |
| Via | Other | 1.1 f8f0b3606f359a714f92ceb1b2c8828e.cloudfront.net (CloudFront), 1.1 65e185f36e65abff9322e261be3491d4.cloudfront.net (CloudFront) |
| X-Amz-Cf-Id | Other | V5YxruyLwmx482JRWlxiFI5MF05nntiuH2MI5uA4-Od1RVQcPR_YJA== |
| X-Amz-Cf-Pop | Other | IAD50-C2 |
| X-Amz-Server-Side-Encryption | Other | AES256 |
| X-Amz-Version-Id | Other | 93Q_YrlJA6kcR5Xu6Xsd7lePIi.Kx7Bi |
| X-Cache | Other | Miss from cloudfront |

Recommendations

  • Enable compression (gzip/brotli) to improve performance

Analysis completed in 181ms