DNS Gurus
Cached · just now
20 Headers

HTTP Security Headers

Status
Strict-Transport-Security
Good
max-age=31536000; includeSubDomains
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
  • Consider adding 'preload' to HSTS for maximum security
  • Add Content-Security-Policy header to prevent XSS attacks
  • Consider adding Permissions-Policy to control browser features

Performance Headers

3 headers
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
Accept-Encoding

Caching Headers

3 headers
Cache-Control
Caching
no-cache, no-store
Etag
Caching
W/"2d8d14c63389a881f922d0ccf748f63f"
Pragma
Caching
no-cache

Content Headers

1 headers
Content-Type
Content
text/html; charset=utf-8

Server Headers

1 headers
X-Runtime
Server
0.018603

CORS Headers

0 headers
No CORS headers found

Cookies Headers

1 headers
Set-Cookie
Cookies
_codeship_mothership_session=f4a32275e595a5c73d8715203e4f7cfb; path=/; expires=Wed, 14 Jan 2026 20:24:13 GMT; secure; HttpOnly; SameSite=Lax

Other Headers

6 headers
Content-Security-Policy-Report-Only
Other
base-uri 'self'; default-src 'self'; connect-src 'self' https://api.braintreegateway.com/ https://builds.codeship-internal.com/ https://client-analytics.braintreegateway.com/ https://codeship-step-logs.s3.amazonaws.com/ https://cwx8ktdhck6w.statuspage.io/api/ https://payments.braintree-api.com/ https://www2.profitwell.com/ wss://ws-mt1.pusher.com/; frame-src https://assets.braintreegateway.com/ https://headway-widget.net/; font-src 'self' data: 'nonce-uSdBBpEl7Iw6AU8SN+KRsA=='; img-src 'self' data: https: https://cdn.cloudbees.com/; object-src 'none'; script-src 'self' 'unsafe-inline' https://cdn.headwayapp.co/widget.js https://cdn.rollbar.com/rollbarjs/ https://d1089v03p3mzyq.cloudfront.net/ https://dna8twue3dlxq.cloudfront.net/js/profitwell.js 'nonce-uSdBBpEl7Iw6AU8SN+KRsA=='; style-src 'self' https://assets.braintreegateway.com/ https://cdn.cloudbees.com/ https://d1089v03p3mzyq.cloudfront.net/ 'nonce-uSdBBpEl7Iw6AU8SN+KRsA=='
Date
Other
Tue, 13 Jan 2026 20:24:13 GMT
Via
Other
1.1 spaces-router (878c4b46ede4)
X-Download-Options
Other
noopen
X-Permitted-Cross-Domain-Policies
Other
none
X-Request-Id
Other
4a3ff107-da50-8201-3d52-b48f17beb3fa

Recommendations

Enable compression (gzip/brotli) to improve performance