DNS Gurus
Open Cached · just now
18 Headers

HTTP Security Headers

Status
Strict-Transport-Security
Good
max-age=31536000; includeSubDomains
Content-Security-Policy
Basic
script-src; default-src; frame-ancestors; +1 more
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
  • Consider adding 'preload' to HSTS for maximum security
  • Improve CSP by adding more specific directives and removing 'unsafe-inline'
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Consider adding Permissions-Policy to control browser features

Performance Headers

2 headers
Connection
Performance
keep-alive
Vary
Performance
Origin

Caching Headers

2 headers
Cache-Control
Caching
max-age=0, private, must-revalidate
Etag
Caching
W/"c6c8923244dcf45d256011423a8610b2"

Content Headers

2 headers
Content-Length
Content
2967
Content-Type
Content
text/html; charset=utf-8

Server Headers

1 headers
X-Runtime
Server
0.030146

CORS Headers

0 headers
No CORS headers found

Cookies Headers

1 headers
Set-Cookie
Cookies
_session_id=a4d242833615eced27ea55a7e22e307d; path=/; expires=Sat, 15 Nov 2025 03:26:52 GMT; secure; HttpOnly; SameSite=None

Other Headers

5 headers
Date
Other
Fri, 14 Nov 2025 03:26:52 GMT
Link
Other
<https://fonts.googleapis.com/css?family=Roboto:300,400,400italic,500,500italic,700,900,900italic>; rel=preload; as=style; nopush,<https://cdn.northpass.com/assets/service-teaching-host-ui/normalize.50a922d3b8ef991fc016.css>; rel=preload; as=style; nopush,<https://cdn.northpass.com/assets/service-teaching-host-ui/styleguide.c97eb42709762594d9aa.css>; rel=preload; as=style; nopush,<https://cdn.northpass.com/assets/i18n-67ac5b212d3a13f3778bd5e995918c13512cf5db958ae4100bd4fbd29b5af2a1.js>; rel=preload; as=script; nopush,<https://cdn.northpass.com/assets/service-teaching-host-ui/locales-teaching.c1378639cc84c4b3d3aa.js>; rel=preload; as=script; nopush,<https://cdn.northpass.com/assets/service-teaching-host-ui/login-page.43b5bd22162a513c8707.js>; rel=preload; as=script; nopush
X-Download-Options
Other
noopen
X-Permitted-Cross-Domain-Policies
Other
none
X-Request-Id
Other
b1daeb4ffa8adb0f11e9f9cca6fad570

Recommendations

Enable compression (gzip/brotli) to improve performance

Analysis completed in 122ms