DNS Gurus
Cached · 1h ago
22 Headers

HTTP Security Headers

Status
Strict-Transport-Security
Present
max-age=31536000; preload
Content-Security-Policy
Basic
default-src Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer-when-downgrade
Permissions-Policy
Missing
Not configured
Recommendations
  • Increase HSTS max-age to at least 1 year and add includeSubDomains
  • Improve CSP by adding more specific directives and removing 'unsafe-inline'
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Consider adding Permissions-Policy to control browser features

Performance Headers

Accept-Ranges
Performance
bytes
Connection
Performance
Keep-Alive
Keep-Alive
Performance
timeout=15, max=20

Caching Headers

Etag
Caching
1776992130000
Last-Modified
Caching
Fri, 24 Apr 2026 00:55:30 GMT
Pragma
Caching
no-cache

Content Headers

Content-Length
Content
24826
Content-Type
Content
text/html; charset=UTF-8

Server Headers

Server
Server
CrushFTP HTTP Server

CORS Headers

Access-Control-Allow-Credentials
Cors
true
Access-Control-Allow-Headers
Cors
authorization,content-type,x-transfersegment
Access-Control-Allow-Methods
Cors
GET,POST,OPTIONS,PUT,PROPFIND,DELETE,MKCOL,MOVE,COPY,HEAD,PROPPATCH,LOCK,UNLOCK,ACL,TR
Access-Control-Allow-Origin
Cors
false
Access-Control-Max-Age
Cors
600

Cookies Headers

No cookies headers found

Other Headers

Date
Other
Mon, 11 May 2026 15:11:14 GMT
P3p
Other
policyref="/WebInterface/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-Ua-Compatible
Other
chrome=1

Recommendations

Enable compression (gzip/brotli) to improve performance

Add Cache-Control header to optimize caching