DNS Gurus
Open Cached · just now
38 Headers

HTTP Security Headers

Status
Strict-Transport-Security
Weak
max-age=
Content-Security-Policy
Weak
upgrade-insecure-requests
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(self), encrypted-media=(), fullscreen=*, geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=*, picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), xr-spatial-tracking=(), gamepad=(), serial=()
Recommendations
  • Increase HSTS max-age to at least 1 year and add includeSubDomains
  • Significantly strengthen CSP directives

Performance Headers

3 headers
Connection
Performance
keep-alive
Transfer-Encoding
Performance
chunked
Vary
Performance
Accept-Encoding

Caching Headers

3 headers
Age
Caching
52982
Cache-Control
Caching
public, max-age=0, s-maxage=604800
Last-Modified
Caching
Thu, 20 Nov 2025 14:39:05 GMT

Content Headers

1 headers
Content-Type
Content
text/html; charset=UTF-8

Server Headers

1 headers
Server
Server
cloudflare

CORS Headers

2 headers
Access-Control-Allow-Headers
Cors
Content-Type, Authorization
Access-Control-Allow-Methods
Cors
GET,POST

Cookies Headers

1 headers
Set-Cookie
Cookies
__cf_bm=tbkALkP0Jk76lsSCxOaRxb5yFM1OTcA1nuvFXfFXCgw-1763702547-1.0.1.1-4eP.0qOU2cu3nKHdnW5nid.z6s_loJMynT9BNqLBmiuCvpfJ3LjwrHmnEKeL20TS2Oxd14XvaU_CwaGP0PDjrf3BV4JYvNe5i.r5J4hhckI; path=/; expires=Fri, 21-Nov-25 05:52:27 GMT; domain=.www.onsurity.com; HttpOnly; Secure; SameSite=None

Other Headers

18 headers
Alt-Svc
Other
h3=":443"; ma=86400
Cf-Cache-Status
Other
HIT
Cf-Ray
Other
9a1dbfdb994d3901-IAD
Cross-Origin-Embedder-Policy-Report-Only
Other
unsafe-none; report-to='default'
Cross-Origin-Opener-Policy-Report-Only
Other
unsafe-none; report-to='default'
Date
Other
Fri, 21 Nov 2025 05:22:27 GMT
Ki-Cache-Tag
Other
91e37e28-ecda-43df-bdca-51809fb5a042,5a809bb3ba4714c6decf180ff7626989aac17a123641c8146a84ffcbeef445a1
Ki-Cache-Type
Other
Edge
Ki-Cf-Cache-Status
Other
HIT
Ki-Edge
Other
v=23.1.0;mv=5.0.17
Ki-Origin
Other
g1p
Link
Other
<https://www.onsurity.com/wp-json/>; rel="https://api.w.org/", <https://www.onsurity.com/wp-json/wp/v2/pages/13>; rel="alternate"; title="JSON"; type="application/json", <https://www.onsurity.com/>; rel=shortlink
Nel
Other
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Report-To
Other
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CQr4SEqjwAGbDVTl57Kp9QWaK8AZ%2F6SR%2BXo%2BqmyyiZ50baQMerB7Ey4KXurdLVH%2BVqnzuy38ykipkKrFixACXLZz2sWHTBpJcI65Tf5Q4Taj5Oi3ehgrS%2BXjs0pXxXkdOmY%3D"}],"group":"cf-nel","max_age":604800}
X-Content-Security-Policy
Other
default-src 'self'; img-src *; media-src * data:;
X-Edge-Location-Klb
Other
1
X-Kinsta-Cache
Other
HIT
X-Permitted-Cross-Domain-Policies
Other
none

Recommendations

Enable compression (gzip/brotli) to improve performance

Analysis completed in 3215ms