DNS Gurus
Open Cached · just now
20 Headers

HTTP Security Headers

Status
Strict-Transport-Security
Present
max-age=31536000; includeSubdomains
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
  • Increase HSTS max-age to at least 1 year and add includeSubDomains
  • Add Content-Security-Policy header to prevent XSS attacks
  • Consider adding Permissions-Policy to control browser features

Performance Headers

3 headers
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
Accept-Encoding

Caching Headers

2 headers
Cache-Control
Caching
no-store
Etag
Caching
W/"30abe5ba42a7cb0059598dbafad95544"

Content Headers

1 headers
Content-Type
Content
text/html; charset=utf-8

Server Headers

2 headers
Server
Server
Apache/2.4.52 (Ubuntu)
X-Runtime
Server
0.009317

CORS Headers

0 headers
No CORS headers found

Cookies Headers

1 headers
Set-Cookie
Cookies
_clara_session=gdMkYNhO1nGvwY%2BOMFXblnB8f9rBlvlZU4o7RF5P%2BNwF9P5%2BKMhRL8EXm76C5C33yTbNOOESLb8V3nuxKldj5Qojtbhrlurh7%2BQq32c%2Fe32sW1cRRph8xIJa9UTn%2BJrMNShfOzpYXRseygXQjPneK%2BgNV9t4xYdZs7Aq9i1Ey5FX6UbA2OpeZ1XYxEv8JHEXp1y0iQhGSeEuV%2Fsso0qZE8wrox8TGBl7JjZb2WfXN%2BfVzE4%2Fe4G7hpjLTMhLytNV4YTwux44J0jtrRix7FZwTEB5GUVA%2BvSBPZKktnHnlN6BoMk15mCMVLw5Nm%2B87qrC2sWYGWtXpO%2BBbqLI03Ey0lIJcz0NOw%3D%3D--Rub%2BOb%2B5ynC8iklf--5RdRoMtiy00Lv45xOuBtEw%3D%3D; domain=.clara.fi; path=/; secure; HttpOnly; SameSite=Lax

Other Headers

6 headers
Date
Other
Fri, 21 Nov 2025 11:14:35 GMT
Link
Other
</assets/extranet/application-815e1df2fdadcd17bfb7e5a67d86c1288a55d0992040e5309bb284e90af5923b.css>; rel=preload; as=style; nopush,</assets/application-f52a16b815415b96263bbde13b414c998f6022a0bab945167d1a0e9f3f05212e.js>; rel=preload; as=script; nopush,</assets/extranet/application-f34b3cb1faf88ca2ddf39f88e08686c9f93a7820e7c1ed3743afede31d64964e.js>; rel=preload; as=script; nopush
Status
Other
200 OK
X-Download-Options
Other
noopen
X-Permitted-Cross-Domain-Policies
Other
none
X-Request-Id
Other
4ee856a4-9709-45af-b35d-d2b9d76d9008

Recommendations

Enable compression (gzip/brotli) to improve performance

Analysis completed in 604ms