DNS Gurus
Cached · just now
15 Headers

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

Performance Headers

3 headers
Accept-Ranges
Performance
bytes
Connection
Performance
close
Vary
Performance
Accept-Encoding

Caching Headers

2 headers
Etag
Caching
"696a59dd-6be05"
Last-Modified
Caching
Fri, 16 Jan 2026 15:31:41 GMT

Content Headers

2 headers
Content-Length
Content
441861
Content-Type
Content
text/html

Server Headers

1 headers
Server
Server
nginx/1.18.0 (Ubuntu)

CORS Headers

0 headers
No CORS headers found

Cookies Headers

0 headers
No cookies headers found

Other Headers

7 headers
Content-Security-Policy-Report-Only
Other
default-src 'none'; script-src 'self' 'unsafe-eval' *.scolab.io cdn.cookielaw.org www.googletagmanager.com di22ilrkkvt8k.cloudfront.net d23i17s0t6o2wm.cloudfront.net js.userflow.com cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' *.scolab.io cdn.cookielaw.org di22ilrkkvt8k.cloudfront.net fonts.googleapis.com js.userflow.com dm7ix0ryvz5xm.cloudfront.net; img-src 'self' data: *.scolab.com cdn.cookielaw.org js.userflow.com www.googletagmanager.com www.google.ca fonts.gstatic.com d1m9xsywzv0elf.cloudfront.net di22ilrkkvt8k.cloudfront.net netmath.ca d14vmpbf847z3j.cloudfront.net dm7ix0ryvz5xm.cloudfront.net; font-src 'self' about: cdn.media.scolab.com fonts.gstatic.com di22ilrkkvt8k.cloudfront.net cdnjs.cloudflare.com; connect-src 'self' *.scolab.com *.scolab.io app.scolab.com:7026 cdn.cookielaw.org browser-intake-datadoghq.com browser-http-intake.logs.datadoghq.com analytics.google.com stats.g.doubleclick.net region1.analytics.google.com www.google-analytics.com *.mouseflow.com di22ilrkkvt8k.cloudfront.net workbook-artifacts.s3.amazonaws.com d23i17s0t6o2wm.cloudfront.net scolab-static.s3.amazonaws.com wss://e.userflow.com scolab-text-to-speech-cache.s3.amazonaws.com; media-src 'none' *.scolab.com d3sdnxmktovfsi.cloudfront.net; object-src 'none'; child-src 'none'; frame-src lexique.netmath.ca; worker-src 'none' blob:; frame-ancestors 'none'; form-action 'self'; base-uri 'self'; manifest-src 'self' buzzmath.com dm7ix0ryvz5xm.cloudfront.net; report-uri /newApi/csp-report/violations;
Date
Other
Fri, 16 Jan 2026 16:05:04 GMT
Via
Other
1.1 a4f1a1c9f87b459b8001bc77030a99b2.cloudfront.net (CloudFront)
X-Amz-Cf-Id
Other
ap_A3QemnugFq2U1MsFgQYzsPYJXUx0NMVlRCK6_CAyTs-7lKaYC0w==
X-Amz-Cf-Pop
Other
IAD61-P8
X-Cache
Other
Miss from cloudfront
X-Scolab-Cache-Status
Other
EXPIRED

Recommendations

Enable compression (gzip/brotli) to improve performance

Add Cache-Control header to optimize caching