DNS Gurus
Cached · 3h ago
25 Headers

Detected Technologies from Headers

See all in URL Inspect 35
PayPal logo PayPal AWS API Gateway logo AWS API Gateway AWS CloudFront logo AWS CloudFront YouTube logo YouTube Google AdSense logo Google AdSense Google Tag Manager logo Google Tag Manager Azure Blob Storage logo Azure Blob Storage Envoy logo Envoy Google DoubleClick logo Google DoubleClick Google Analytics logo Google Analytics Microsoft Advertising logo Microsoft Advertising Google Conversion Tracking logo Google Conversion Tracking Loggly logo Loggly Google Static File Front End logo Google Static File Front End LaunchDarkly logo LaunchDarkly Next.js logo Next.js Google API JS Client logo Google API JS Client Google Fonts logo Google Fonts Hotjar logo Hotjar LinkedIn logo LinkedIn LiveChat logo LiveChat unpkg logo unpkg Google Search logo Google Search Facebook logo Facebook Amazon S3 logo Amazon S3 OneTrust logo OneTrust Salesforce Sites logo Salesforce Sites Storyblok logo Storyblok AWS logo AWS Active incidents jQuery logo jQuery Salesforce Pardot logo Salesforce Pardot Taboola logo Taboola Vimeo logo Vimeo Sentry logo Sentry Google Cloud logo Google Cloud

HTTP Security Headers

Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
AWS API Gateway logo
Basic
default-src; connect-src; frame-src; +5 more Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
  • Improve CSP by adding more specific directives and removing 'unsafe-inline'
  • Consider adding Permissions-Policy to control browser features

Performance Headers

Connection
Performance
close
Vary
Performance
Accept-Encoding

Caching Headers

Cache-Control
Caching
private, no-cache, no-store, max-age=0, must-revalidate
Etag
Caching
"kktpy6sdyv1jtl"

Content Headers

Content-Length
Content
72947
Content-Type
Content
text/html; charset=utf-8

Server Headers

Server
Envoy logo
Server
envoy
X-Powered-By
Next.js logo
Server
Next.js

CORS Headers

No CORS headers found

Cookies Headers

No cookies headers found

Other Headers

Date
Other
Mon, 11 May 2026 22:23:17 GMT
Req-Id
Other
90e330d9-cc77-4027-a415-7ca80dcad3e6
Via
AWS CloudFront logo
Other
1.1 82caf3289f68886de3a67a0f5dcf96c8.cloudfront.net (CloudFront)
X-Amz-Cf-Id
AWS CloudFront logo
Other
L4DaPZ64Ju0Kub-A8LvBRATYkAMs30stCBj64fECoNrabdwqKw03sg==
X-Amz-Cf-Pop
AWS CloudFront logo
Other
IAD61-P4
X-Cache
AWS CloudFront logo
Other
Miss from cloudfront
X-Dns-Prefetch-Control
Other
off
X-Download-Options
Other
noopen
X-Envoy-Upstream-Service-Time
Envoy logo
Other
40
X-Permitted-Cross-Domain-Policies
Other
none

Recommendations

Enable compression (gzip/brotli) to improve performance

Consider removing X-Powered-By header to hide server technology