DNS Gurus
Cached · just now
19 Headers

Detected Technologies from Headers

See all in URL Inspect 10
Ashby logo Ashby Cal.com logo Cal.com Envoy logo Envoy Google Fonts logo Google Fonts Google Search logo Google Search Google Static File Front End logo Google Static File Front End UnifyGTM logo UnifyGTM Varnish logo Varnish Express logo Express Google Cloud logo Google Cloud

HTTP Security Headers

Status
Strict-Transport-Security
Present
max-age=31557600
Content-Security-Policy
Google Fonts logo
Good
default-src; frame-ancestors; frame-src; +7 more Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Increase HSTS max-age to at least 1 year and add includeSubDomains
  • Strengthen CSP by removing 'unsafe-eval'
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

Performance Headers

Accept-Ranges
Performance
bytes
Connection
Performance
close
Vary
Performance
Accept-Encoding

Caching Headers

Age
Caching
0
Cache-Control
Caching
public, max-age=0, must-revalidate

Content Headers

Content-Length
Content
70418
Content-Type
Content
text/html; charset=utf-8

Server Headers

Server
Envoy logo
Server
istio-envoy
X-Powered-By
Express logo
Server
Express

CORS Headers

No CORS headers found

Cookies Headers

No cookies headers found

Other Headers

Date
Other
Sat, 09 May 2026 04:42:19 GMT
Via
Varnish logo
Other
1.1 varnish, 1.1 varnish
X-Cache
Other
MISS, MISS
X-Cache-Hits
Other
0, 0
X-Envoy-Upstream-Service-Time
Envoy logo
Other
10
X-Served-By
Other
cache-lhr-egll1980076-LHR, cache-iad-kcgs7200154-IAD
X-Timer
Other
S1778301739.157531,VS0,VE94

Recommendations

Enable compression (gzip/brotli) to improve performance

Consider removing X-Powered-By header to hide server technology