DNS Gurus
Open Cached · 29m ago
21 Headers

HTTP Security Headers

Status
Strict-Transport-Security
Good
max-age=63072000; includeSubDomains
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
  • Consider adding 'preload' to HSTS for maximum security
  • Add Content-Security-Policy header to prevent XSS attacks
  • Consider adding Permissions-Policy to control browser features

Performance Headers

2 headers
Connection
Performance
keep-alive
Transfer-Encoding
Performance
chunked

Caching Headers

2 headers
Cache-Control
Caching
max-age=0, private, must-revalidate
Etag
Caching
W/"eac2d97d96251d6b62f73333f97da6c9"

Content Headers

1 headers
Content-Type
Content
text/html; charset=utf-8

Server Headers

3 headers
Server
Server
nginx + Phusion Passenger(R)
X-Powered-By
Server
Phusion Passenger(R)
X-Runtime
Server
0.014392

CORS Headers

0 headers
No CORS headers found

Cookies Headers

1 headers
Set-Cookie
Cookies
_lp-webapp_session=6okG51STR7IOnEkiZshFBKXVPHPDhmlx5aPfMRLQr94c%2BrZD1pKqTY2WmKIXL44sUS08EurHZGPyB7dc13jdr499vEE7OBfVDXlTiu0ccFRJYVzrIP4pcXkyYTYHDV9g55BDBPKBzpayF8%2FWnBwpUewhBwLr%2B7RvS%2FiUyvNyzlMUn13ixT67KrkPbIFYtccWVAxvT%2Brg3EpXGF43ea2ZiNBRjO4qLTYQw4jxD8NXFr%2Fo2H1rdljwdACp02l9g6oO7ffuKPetF7ZZf9VIHSK5UUOnGB2QoDwnKyE%3D--hVnXQE5JFzu%2BW4ui--zGo%2FwhQC%2B4fszDPpnhUaNQ%3D%3D; domain=unbounce.com; path=/; secure; HttpOnly; SameSite=Lax

Other Headers

7 headers
Date
Other
Mon, 10 Nov 2025 13:51:41 GMT
Link
Other
</app_assets/recaptcha-8eeb28bb245c78d26d57387aa06911c1f7c5101c43792d274b26f0e75f803228.js>; rel=preload; as=script; nopush,</app_assets/plugins/hints-and-validations-932ff76b858f3410f787c04c9affb241f59b9d070db34a3cfcbb0d05e6434de9.js>; rel=preload; as=script; nopush,</app_assets/pages/sign-in-funnel-87f64d18375d47ad5e459b8b81598009c742448e7406f62e25b527aad6d06526.js>; rel=preload; as=script; nopush,</app_assets/public/sign-in-email-validation-9c62a4d33700bba5b87388c4b323a81249397bce4ce57062c35104a67cb48eee.js>; rel=preload; as=script; nopush,</app_assets/base/font_faces-1d2f360899b5ec7f6f0e62df4597b0f91e53efe5f85e87a5093b72163387e39a.css>; rel=preload; as=style; nopush,</app_assets/application-d8bc7465aec95c660fd43492c873981f8569f4068f5dda56ddf0e73cb84bc990.css>; rel=preload; as=style; nopush,</app_assets/lp-global-d2776a1c2e5a7c29a34b483055445cffbe00cd67ff033b60dc8efe684a919b5d.js>; rel=preload; as=script; nopush,</packs/js/application-017e28b84c8b790afd96.js>; rel=preload; as=script; nopush
Status
Other
200 OK
X-Download-Options
Other
noopen
X-Permitted-Cross-Domain-Policies
Other
none
X-Request-Id
Other
a1bfc5bc-b054-4144-a3ef-62abb3bcd27f
X-Server-Instance
Other
lp-webapp-6bbd455fb-m4jd8

Recommendations

Enable compression (gzip/brotli) to improve performance

Consider removing X-Powered-By header to hide server technology

Analysis completed in 64ms