7 Headers

HTTP Security Headers

Header                               Status   Value
Strict-Transport-Security            Present  max-age=63072000; includeSubdomains; preload
Content-Security-Policy              Good     default-src; font-src; script-src; +2 more
Content-Security-Policy-Report-Only  Missing  Not configured
X-Frame-Options                      Good     SAMEORIGIN
X-Content-Type-Options               Good     nosniff
Referrer-Policy                      Missing  Not configured
Permissions-Policy                   Missing  Not configured

Recommendations
  • Increase HSTS max-age to at least 1 year and add includeSubDomains
  • Strengthen CSP by removing 'unsafe-eval'
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

Performance Headers

Header      Category     Value
Connection  Performance  close

Caching Headers

No caching headers found

Content Headers

Header          Category  Value
Content-Length  Content   29

Server Headers

No server headers found

CORS Headers

No CORS headers found

Cookies Headers

No cookies headers found

Other Headers

No other headers found

Recommendations

  • Enable compression (gzip/brotli) to improve performance
  • Add Cache-Control header to optimize caching