DNS Gurus
Cached · just now
22 Headers

Detected Technologies from Headers

See all in URL Inspect 40
YouTube logo YouTube Google AdSense logo Google AdSense Google Tag Manager logo Google Tag Manager Bing logo Bing Salesforce Cloud logo Salesforce Cloud SurveyMonkey logo SurveyMonkey Ahrefs logo Ahrefs AppNexus (Xandr) logo AppNexus (Xandr) HubSpot Forms logo HubSpot Forms JotForm logo JotForm Fonts.com logo Fonts.com Google DoubleClick logo Google DoubleClick Google Analytics logo Google Analytics Microsoft Advertising logo Microsoft Advertising Google Conversion Tracking logo Google Conversion Tracking Pusher logo Pusher 6sense logo 6sense Cloudflare CDN logo Cloudflare CDN Active incidents Google Static File Front End logo Google Static File Front End Next.js logo Next.js Google API JS Client logo Google API JS Client Algolia logo Algolia LinkedIn logo LinkedIn HubSpot CMS logo HubSpot CMS ZoomInfo logo ZoomInfo Cloudinary logo Cloudinary HubSpot Analytics logo HubSpot Analytics Mapbox logo Mapbox Google Search logo Google Search Facebook logo Facebook OneTrust logo OneTrust Vercel logo Vercel Simplecast logo Simplecast Salesforce Pardot logo Salesforce Pardot Vimeo logo Vimeo HubSpot logo HubSpot Microsoft Clarity logo Microsoft Clarity HubSpot Live Chat logo HubSpot Live Chat jsDelivr logo jsDelivr Google Cloud logo Google Cloud

HTTP Security Headers

Status
Strict-Transport-Security
Present
max-age=15552000
Content-Security-Policy
YouTube logo
Basic
default-src; frame-ancestors Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Increase HSTS max-age to at least 1 year and add includeSubDomains
  • Improve CSP by adding more specific directives and removing 'unsafe-inline'
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

Performance Headers

Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, accept-encoding

Caching Headers

Age
Caching
11136
Cache-Control
Caching
public, max-age=0, must-revalidate

Content Headers

Content-Type
Content
text/html; charset=utf-8

Server Headers

Server
Cloudflare CDN logo
Server
cloudflare
X-Powered-By
Next.js logo
Server
Next.js

CORS Headers

Access-Control-Allow-Origin
Cors
https://cms.crisis24.com

Cookies Headers

Set-Cookie
Cookies

Other Headers

Alt-Svc
Other
h3=":443"; ma=86400
Cf-Cache-Status
Cloudflare CDN logo
Other
DYNAMIC
Cf-Ray
Cloudflare CDN logo
Other
9fa02c6fae995042-IAD
Date
Other
Mon, 11 May 2026 09:31:56 GMT
X-Matched-Path
Other
/en
X-Nextjs-Prerender
Next.js logo
Other
1
X-Nextjs-Stale-Time
Next.js logo
Other
300
X-Vercel-Cache
Vercel logo
Other
HIT
X-Vercel-Id
Vercel logo
Other
iad1::pdx1::6cq8k-1778491916757-c548c1b59bed

Recommendations

Enable compression (gzip/brotli) to improve performance

Consider removing X-Powered-By header to hide server technology