DNS Gurus
Cached · just now
16 Headers

HTTP Security Headers

Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Missing
Not configured Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Increase HSTS max-age to at least 1 year and add includeSubDomains
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

Performance Headers

Connection
Performance
close

Caching Headers

Age
Caching
0

Content Headers

Content-Length
Content
127
Content-Type
Content
application/json

Server Headers

Server
Server
Contentful

CORS Headers

Access-Control-Allow-Headers
Cors
Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,Destination,Dnt,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Contentful-Content-Type,X-Contentful-Enable-Alpha-Feature,X-Contentful-Organization,X-Contentful-Personal-Intercept,X-Contentful-Resource-Resolution,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Version,X-Http-Method-Override,X-Mx-Reqtoken,X-Requested-With
Access-Control-Allow-Methods
Cors
GET,HEAD,OPTIONS
Access-Control-Allow-Origin
Cors
*
Access-Control-Expose-Headers
Cors
Etag
Access-Control-Max-Age
Cors
1728000

Cookies Headers

No cookies headers found

Other Headers

Date
Other
Mon, 27 Apr 2026 20:30:47 GMT
X-Cache
Other
MISS
X-Contentful-Request-Id
Other
c2299542-4f6b-4476-90a9-7ae6796ad0d1
X-Served-By
Other
cache-pdk-kpdk2140072-PDK

Recommendations

Enable compression (gzip/brotli) to improve performance

Add Cache-Control header to optimize caching