DNS Gurus
Cached · just now
14 Headers

HTTP Security Headers

Status
Strict-Transport-Security
Good
max-age=31536000 ; includeSubDomains
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Consider adding 'preload' to HSTS for maximum security
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

Performance Headers

2 headers
Accept-Ranges
Performance
bytes
Connection
Performance
close

Caching Headers

2 headers
Etag
Caching
"04949ab16adc1:0"
Last-Modified
Caching
Thu, 11 Dec 2025 15:19:54 GMT

Content Headers

2 headers
Content-Length
Content
931
Content-Type
Content
text/html

Server Headers

0 headers
No server headers found

CORS Headers

0 headers
No CORS headers found

Cookies Headers

0 headers
No cookies headers found

Other Headers

4 headers
Content-Security-Policy-Report-Only
Other
report-uri /api/Csp/cspreport; base-uri 'self' *.azurewebsites.net; default-src 'self' data:; script-src 'self' 'report-sample' 'unsafe-eval' 'unsafe-inline' *.microsoft.com *.azurefd.net *.msecnd.net *.ckeditor.com *.onestore.ms *.goskope.com; connect-src 'self' 'report-sample' ws: wss: *.microsoft.com *.goskope.com *.microsoftonline.com *.services.visualstudio.com *.windows.net *.botframework.com; style-src 'self' 'report-sample' 'unsafe-inline' *.microsoft.com *.ckeditor.com *.fontawesome.com; img-src 'self' data: http: https:; font-src 'self' *.sharepointonline.com *.azureedge.net *.fontawesome.com *.ss-cdn.com *.cdn.office.net *.gstatic.com; frame-src 'self' *.microsoft.com *.microsoftonline.com *.qualtrics.com *.windows.net https://login.live.com https://aka.ms https://github.com; worker-src 'self'; object-src 'self'; frame-ancestors 'self' *.microsoft.com *.azurewebsites.net; block-all-mixed-content;
Date
Other
Mon, 29 Dec 2025 21:15:08 GMT
X-Azure-Ref
Other
20251229T211508Z-16cb8b7df7fw2tjjhC1BL1kcqg0000000460000000007dp9
X-Cache
Other
CONFIG_NOCACHE

Recommendations

Enable compression (gzip/brotli) to improve performance

Add Cache-Control header to optimize caching

Analysis completed in 249ms