DNS Gurus
Cached · just now
15 Headers

Detected Technologies from Headers

See all in URL Inspect 43
Google AdSense logo Google AdSense Beamer logo Beamer Criteo logo Criteo Google Tag Manager logo Google Tag Manager Bing logo Bing Ahrefs logo Ahrefs AppNexus (Xandr) logo AppNexus (Xandr) OpenStreetMap logo OpenStreetMap Fullstory logo Fullstory HubSpot Forms logo HubSpot Forms Adyen logo Adyen Google DoubleClick logo Google DoubleClick Google Analytics logo Google Analytics Microsoft Advertising logo Microsoft Advertising Google Conversion Tracking logo Google Conversion Tracking Segment logo Segment Datadog logo Datadog Google Static File Front End logo Google Static File Front End Outbrain logo Outbrain Next.js logo Next.js Google API JS Client logo Google API JS Client Wistia logo Wistia Twitter logo Twitter Hotjar logo Hotjar LinkedIn logo LinkedIn HubSpot Analytics logo HubSpot Analytics Teads logo Teads Nginx logo Nginx Facebook logo Facebook Adobe Fonts (Typekit) logo Adobe Fonts (Typekit) AWS logo AWS AWS CloudFront logo AWS CloudFront jQuery logo jQuery Taboola logo Taboola Vimeo logo Vimeo HubSpot logo HubSpot Intercom logo Intercom YouTube logo YouTube Microsoft Clarity logo Microsoft Clarity Font Awesome logo Font Awesome HubSpot Live Chat logo HubSpot Live Chat Google Cloud logo Google Cloud Google Cloud Storage logo Google Cloud Storage

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Datadog logo
Basic
default-src; upgrade-insecure-requests; block-all-mixed-content Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Improve CSP by adding more specific directives and removing 'unsafe-inline'
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

Performance Headers

Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding

Caching Headers

Cache-Control
Caching
private, no-cache, no-store, max-age=0, must-revalidate

Content Headers

Content-Type
Content
text/html; charset=utf-8

Server Headers

Server
Nginx logo
Server
nginx
X-Powered-By
Next.js logo
Server
Next.js

CORS Headers

No CORS headers found

Cookies Headers

No cookies headers found

Other Headers

Alt-Svc
Other
h3=":443"; ma=86400
Date
Other
Fri, 01 May 2026 03:39:10 GMT
Link
Other
Via
AWS CloudFront logo
Other
1.1 32906bb872c08ff51404d826f2b8ab5e.cloudfront.net (CloudFront)
X-Amz-Cf-Id
AWS CloudFront logo
Other
0xm7s6Q4q0t_IRjHIXMQxXpARr88OYcUVzZefhGcJUW_0pCu1iwfNw==
X-Amz-Cf-Pop
AWS CloudFront logo
Other
IAD61-P6
X-Cache
AWS CloudFront logo
Other
Miss from cloudfront

Recommendations

Enable compression (gzip/brotli) to improve performance

Consider removing X-Powered-By header to hide server technology