19 Headers

HTTP Security Headers

Header                     Status   Value
Strict-Transport-Security  Present  max-age=315360000; includeSubdomains
Content-Security-Policy    Basic    default-src; connect-src; font-src; +8 more
X-Frame-Options            Good     SAMEORIGIN
X-Content-Type-Options     Good     nosniff
Referrer-Policy            Good     strict-origin-when-cross-origin
Permissions-Policy         Missing  Not configured

Recommendations
  • Increase HSTS max-age to at least 1 year and add includeSubDomains
  • Improve CSP by adding more specific directives and removing 'unsafe-inline'
  • Consider adding Permissions-Policy to control browser features

Performance Headers

2 headers
Header      Category     Value
Connection  Performance  close
Vary        Performance  Accept,Origin,Accept-Encoding

Caching Headers

2 headers
Header         Category  Value
Cache-Control  Caching   max-age=0, private, must-revalidate
Etag           Caching   W/"b1aa7704fafd298e700c9316f5e22243"

Content Headers

2 headers
Header          Category  Value
Content-Length  Content   29874
Content-Type    Content   text/html; charset=utf-8

Server Headers

1 header
Header     Category  Value
X-Runtime  Server    0.364577

CORS Headers

0 headers
No CORS headers found

Cookies Headers

1 header
Header      Category  Value
Set-Cookie  Cookies   _brandshelter.session=2ad18deac6fd1edbde16dcc3d5d7f16a; path=/; expires=Fri, 23 Jan 2026 21:31:50 GMT; secure; httponly

Other Headers

5 headers
Header                             Category  Value
Date                               Other     Fri, 23 Jan 2026 20:31:50 GMT
Link                               Other     </assets/ui.caps_lock_warning-2f1f0059bfd77ac1d9f96820dbd0d6225fb692fa7b55d4721d27c59c8e1ce088.js>; rel=preload; as=script; nopush,</assets/user_sessions/new-fc56b191deb2b3960e539ca0b73f27a50f3add25327d6872a35b8fbf29038504.js>; rel=preload; as=script; nopush,</assets/branding-settings-preview-8892b6a0ed73e63537831c3854fa45521d736ec82616c5825c283ce90c13043c.js>; rel=preload; as=script; nopush,</assets/branding-settings-preview-8892b6a0ed73e63537831c3854fa45521d736ec82616c5825c283ce90c13043c.js>; rel=preload; as=script; nopush,</assets/application-4950fa145598758fb8080341ce657b81e52ac453922f35d4228f787921a9bac5.css>; rel=preload; as=style; nopush,</assets/application-791904be4f08378d9180c0e3820b8c03a92784e89b4f90ee0de7d429612d218f.js>; rel=preload; as=script; nopush,</assets/html5shiv.min-716ce453ec982b6d56c2573f394d2bfa0eae2a5f575233860f7588fd4a599707.js>; rel=preload; as=script; nopush
X-Download-Options                 Other     noopen
X-Permitted-Cross-Domain-Policies  Other     none
X-Request-Id                       Other     a2da9f3e-a823-4014-83d1-b7d212927a57

Recommendations

Enable compression (gzip/brotli) to improve performance