DNS Gurus
Cached · just now
26 Headers

Detected Technologies from Headers

See all in URL Inspect 38
AWS CloudFront logo AWS CloudFront Google AdSense logo Google AdSense Google Tag Manager logo Google Tag Manager Bing logo Bing Netlify logo Netlify Reddit logo Reddit HubSpot Forms logo HubSpot Forms Google DoubleClick logo Google DoubleClick Spline logo Spline Google Analytics logo Google Analytics Microsoft Advertising logo Microsoft Advertising Google Conversion Tracking logo Google Conversion Tracking Mixpanel logo Mixpanel Greenhouse logo Greenhouse Datadog logo Datadog CoinGecko logo CoinGecko Google Static File Front End logo Google Static File Front End Next.js logo Next.js TikTok Analytics logo TikTok Analytics Google Fonts logo Google Fonts Twitter logo Twitter Algolia logo Algolia G Workspace logo G Workspace LinkedIn logo LinkedIn Contentful logo Contentful HubSpot Analytics logo HubSpot Analytics Google Search logo Google Search Facebook logo Facebook Amazon S3 logo Amazon S3 Snapchat logo Snapchat Adobe Fonts (Typekit) logo Adobe Fonts (Typekit) Cloudflare CDNJS logo Cloudflare CDNJS Builder.io logo Builder.io MNTN logo MNTN HubSpot logo HubSpot YouTube logo YouTube Microsoft Clarity logo Microsoft Clarity Google Cloud logo Google Cloud

HTTP Security Headers

Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
AWS CloudFront logo
Basic
connect-src; img-src; script-src; +11 more Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Increase HSTS max-age to at least 1 year and add includeSubDomains
  • Improve CSP by adding more specific directives and removing 'unsafe-inline'
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

Performance Headers

Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
rsc,Accept-Encoding

Caching Headers

Age
Caching
36523
Cache-Control
Caching
public,max-age=0,must-revalidate
Etag
Caching
W/"1757m7qww5a9d5x"

Content Headers

Content-Type
Content
text/html; charset=utf-8

Server Headers

Server
Netlify logo
Server
Netlify

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie
Cookies

Other Headers

Cache-Status
Netlify logo
Other
"Netlify Edge"; hit
Date
Other
Sun, 26 Apr 2026 09:45:08 GMT
Link
Other
Netlify-Vary
Netlify logo
Other
query=__nextDataReq|_rsc,header=x-nextjs-data|x-next-debug-logging|next-router-prefetch|next-router-segment-prefetch|next-router-state-tree|next-url|rsc|accept-encoding,cookie=__prerender_bypass|__next_preview_data
Via
AWS CloudFront logo
Other
1.1 5f7eb39e021e91c3b4f1188abbe23720.cloudfront.net (CloudFront)
X-Amz-Cf-Id
AWS CloudFront logo
Other
NAaavFWaxBrrdTR5UjpoIZuoA7thyPnkTLGq7VFmqCCaGKZD9wjpoA==
X-Amz-Cf-Pop
AWS CloudFront logo
Other
IAD61-P4
X-Cache
AWS CloudFront logo
Other
Hit from cloudfront
X-Middleware-Rewrite
Other
/en-US
X-Nextjs-Date
Next.js logo
Other
Sat, 25 Apr 2026 23:50:02 GMT
X-Nextjs-Prerender
Next.js logo
Other
1, 1
X-Nextjs-Stale-Time
Next.js logo
Other
300
X-Nf-Request-Id
Other
01KQ4JVCBWQJWC5DWK4A53QFBN
X-Pathname
Other
/

Recommendations

Enable compression (gzip/brotli) to improve performance