DNS Gurus
Cached · 2h ago
16 Headers

Detected Technologies from Headers

See all in URL Inspect 16
AWS logo AWS Active incidents Bugsnag logo Bugsnag Facebook logo Facebook Google Analytics logo Google Analytics Google Conversion Tracking logo Google Conversion Tracking Google DoubleClick logo Google DoubleClick Google Fonts logo Google Fonts Google Search logo Google Search Google Static File Front End logo Google Static File Front End Google Tag Manager logo Google Tag Manager LinkedIn logo LinkedIn Microsoft 365 logo Microsoft 365 Twitter logo Twitter Vimeo logo Vimeo YouTube logo YouTube Google Cloud logo Google Cloud

HTTP Security Headers

Status
Strict-Transport-Security
Excellent
max-age=63072000; includeSubDomains; preload;
Content-Security-Policy
Google Conversion Tracking logo
Basic
default-src; frame-ancestors; style-src; +8 more Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Present
SAMEORIGIN, SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
fullscreen=(self "https://static.carahsoft.com" "https://www.youtube.com")
Recommendations
  • Improve CSP by adding more specific directives and removing 'unsafe-inline'
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)

Performance Headers

Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
Accept-Encoding

Caching Headers

Cache-Control
Caching
no-cache, private, max-age=172800
Expires
Caching
Tue, 12 May 2026 21:52:37 GMT

Content Headers

Content-Type
Content
text/html; charset=UTF-8

Server Headers

No server headers found

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie
Cookies

Other Headers

Alt-Svc
Other
h3=":443"; ma=86400
Date
Other
Sun, 10 May 2026 21:52:37 GMT
Reporting-Endpoints
Other
csp-endpoint="https://carahevents.carahsoft.com/api/cspreport/csp-report-endpoint"
Serversignature
Other
Off

Recommendations

Enable compression (gzip/brotli) to improve performance