DNS Gurus
Open Cached · just now
22 Headers

HTTP Security Headers

Status
Strict-Transport-Security
Good
max-age=63072000; includeSubDomains
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer
Permissions-Policy
Missing
Not configured
Recommendations
  • Consider adding 'preload' to HSTS for maximum security
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Consider adding Permissions-Policy to control browser features

Performance Headers

2 headers
Connection
Performance
close
Transfer-Encoding
Performance
chunked

Caching Headers

3 headers
Cache-Control
Caching
no-cache, no-store
Last-Modified
Caching
Sun, 07 Dec 2025 00:33:18 GMT
Pragma
Caching
no-cache

Content Headers

1 headers
Content-Type
Content
text/html; charset=utf-8

Server Headers

1 headers
Server
Server
cloudflare

CORS Headers

0 headers
No CORS headers found

Cookies Headers

1 headers
Set-Cookie
Cookies
ARRAffinitySameSite=62de4ec1883f0145a8bb066b6ab300e17b190114376ab1ea9a026366c25c5a4e;Path=/;HttpOnly;SameSite=None;Secure;Domain=www.optimizely.com

Other Headers

7 headers
Alt-Svc
Other
h3=":443"; ma=86400
Cf-Cache-Status
Other
MISS
Cf-Ray
Other
9a9fee4aefa6cb8c-IAD
Content-Security-Policy-Report-Only
Other
connect-src 'self' https://*.adsrvr.org https://*.contentsquare.net https://*.facebook.com https://*.google.com https://*.google.it https://*.linkedin.com https://*.optimizely.com https://*.qualified.com https://*.quora.com https://*.redditstatic.com https://*.wistia.com https://947-rke-048.mktoresp.com https://947-rke-048.mktoutil.com https://a.clarity.ms https://ad.doubleclick.net https://analytics.google.com https://bat.bing.com https://bat.bing.net https://c.6sc.co https://c.az.contentsquare.net https://cdn.segment.com https://d.clarity.ms https://dc.services.visualstudio.com https://e.calibermind.com https://e.clarity.ms https://epsilon.6sense.com https://esp-eu.aptrinsic.com https://f.clarity.ms https://h.clarity.ms https://i.clarity.ms https://insight.adsrvr.org https://ipv6.6sc.co https://j.clarity.ms https://js.zi-scripts.com https://k-us1.az.contentsquare.net https://k.clarity.ms https://l.clarity.ms https://logx.optimizely.com https://n.clarity.ms https://o.clarity.ms https://pages.optimizely.com https://pixel-config.reddit.com https://plugin.ucads.ucweb.com https://q-us1.az.contentsquare.net https://q.clarity.ms https://q.quora.com https://region1.google-analytics.com https://rum.optimizely.com/rum https://s.clarity.ms https://stats.g.doubleclick.net https://usermgmt-api.optimizely.com https://v.clarity.ms https://ws.zoominfo.com https://www.google-analytics.com https://www.google.ca https://www.google.com https://www.google.se https://www.googletagmanager.com https://www.redditstatic.com https://y.clarity.ms wss://*.qualified.com; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.optimizely.com https://*.qualified.com https://a.quora.com https://bat.bing.com https://cdn.calibermind.com https://cdn.optimizely.com https://cdn.optimizely.com/public/26942930964/s/home.js https://cdn3.optimizely.com https://common.optimizely.com https://connect.facebook.net https://googleads.g.doubleclick.net https://j.6sc.co https://js.adsrvr.org https://js.monitor.azure.com https://js.zi-scripts.com https://munchkin.marketo.net https://optimizely-cmp-analytics.com https://scripts.clarity.ms https://snap.licdn.com https://www.clarity.ms https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.optimizely.com/ https://www.redditstatic.com https://www.youtube.com 'nonce-8LijGZjtA0K3DLFu0+bTPa7BeruDVKLG5t4PrG1KSjg=' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.adsrvr.org https://*.contentsquare.net https://*.facebook.net https://*.optimizely.com https://*.qualified.com https://*.welcomesoftware.com https://6727c0beb7dc6792ffb43ec6.webproofing.cmp.optimizely.com/js/jsx-runtime-4da545d0.js https://a.quora.com https://a26942930964.cdn.optimizely.com https://analytics.google.com https://api.usea01.idio.episerver.net https://app.optimizely.com https://bat.bing.com https://c.az.contentsquare.net https://capture.navattic.com https://cdn.calibermind.com https://cdn.optimizely.com https://cdn3.optimizely.com https://darkvisitors.com/tracker.js https://dc.services.visualstudio.com https://e.calibermind.com https://googleads.g.doubleclick.net https://j.6sc.co https://js.adsrvr.org https://js.monitor.azure.com https://js.navattic.com https://js.zi-scripts.com https://learn.optimizely.com https://logx.optimizely.com https://munchkin.marketo.net https://optimizely-cmp-analytics.com/analytics_2c549e58b1ac477abbecdb2a93599aac.js https://snap.licdn.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.optimizely.com/ 'nonce-8LijGZjtA0K3DLFu0+bTPa7BeruDVKLG5t4PrG1KSjg=' ; style-src 'self' 'unsafe-inline' https://*.linkedin.com https://*.typekit.net https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com 'nonce-8LijGZjtA0K3DLFu0+bTPa7BeruDVKLG5t4PrG1KSjg=' ; worker-src 'self' blob:; script-src-attr 'unsafe-inline'; style-src-attr 'unsafe-inline' https://*.linkedin.com https://*.typekit.net https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; style-src-elem 'unsafe-inline' https://*.linkedin.com https://*.typekit.net https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com https://web-sdk-eu.aptrinsic.com https://www.optimizely.com 'nonce-8LijGZjtA0K3DLFu0+bTPa7BeruDVKLG5t4PrG1KSjg=' ; font-src blob: data: https://*.cloudfront.net https://*.doubleclick.net https://*.gstatic.com https://www.optimizely.com; img-src blob: data: https://*.contentsquare.net https://*.facebook.com https://*.google.co.kr https://*.google.com https://*.linkedin.com https://*.welcomesoftware.com https://a.usea01.idio.episerver.net https://alb.reddit.com https://api.qrserver.com https://api.zaius.com https://b.6sc.co https://bat.bing.com https://c.clarity.ms https://files.marketing.cmp.optimizely.com https://optimizely-public-design-assets.s3.amazonaws.com https://q.quora.com https://www.google.co.th https://www.google.co.uk https://www.google.com.au https://www.google.com.pa https://www.google.com.pk https://www.google.com.tr https://www.google.de https://www.google.ru https://www.googletagmanager.com https://www.optimizely.com https://www.optimizely.com/; media-src data: https://*.optimizely.com https://*.welcomesoftware.com https://files.marketing.cmp.optimizely.com https://www.optimizely.com; default-src blob: https://files.marketing.cmp.optimizely.com; frame-src blob: https://*.6sc.co https://*.adsrvr.org https://*.cdn.optimizely.com https://*.facebook.net https://*.gtmbuddy.io https://*.qualified.com https://6727c0beb7dc6792ffb43ec6.webproofing.cmp.optimizely.com/js/jsx-runtime-4da545d0.js https://capture.navattic.com https://td.doubleclick.net https://www.google.com https://www.googletagmanager.com https://www.youtube-nocookie.com https://www.youtube.com; report-to stott-security-endpoint;
Date
Other
Sun, 07 Dec 2025 00:33:18 GMT
Reporting-Endpoints
Other
stott-security-endpoint="https://www.optimizely.com/stott.security.optimizely/api/cspreporting/reporttoviolation/"
Request-Context
Other
appId=cid-v1:34740e8b-5b5c-4501-b90b-9f6800a5f887

Recommendations

Enable compression (gzip/brotli) to improve performance

Analysis completed in 507ms