DNS Gurus
Cached · 8h ago
10 Headers

Detected Technologies from Headers

See all in URL Inspect 8
AWS CloudFront logo AWS CloudFront Google Analytics logo Google Analytics Google DoubleClick logo Google DoubleClick Google Fonts logo Google Fonts Google Search logo Google Search Google Tag Manager logo Google Tag Manager Express logo Express Google Cloud Storage logo Google Cloud Storage

HTTP Security Headers

Status
Strict-Transport-Security
Excellent
max-age=31536000 ; includeSubDomains ; preload
Content-Security-Policy
AWS CloudFront logo
Basic
default-src; img-src; connect-src; +7 more Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Improve CSP by adding more specific directives and removing 'unsafe-inline'
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

Performance Headers

Connection
Performance
close

Caching Headers

No caching headers found

Content Headers

Content-Length
Content
54193
Content-Type
Content
text/html; charset=utf-8

Server Headers

X-Powered-By
Express logo
Server
Express

CORS Headers

Access-Control-Allow-Headers
Cors
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
Access-Control-Allow-Methods
Cors
GET, POST, OPTIONS

Cookies Headers

No cookies headers found

Other Headers

Date
Other
Sat, 11 Apr 2026 18:35:13 GMT

Recommendations

Enable compression (gzip/brotli) to improve performance

Add Cache-Control header to optimize caching

Consider removing X-Powered-By header to hide server technology