HTTP Security Headers

Status
Strict-Transport-Security
Excellent
max-age=31536000, includeSubDomains, preload
Content-Security-Policy
Basic
default-src; script-src; object-src; +10 more
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Present
origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
  • Improve CSP by adding more specific directives and removing 'unsafe-inline'
  • Consider adding Permissions-Policy to control browser features

Performance Headers

3 headers
Accept-Ranges
Performance
bytes
Connection
Performance
keep-alive
Vary
Performance
Cookie

Caching Headers

5 headers
Age
Caching
12371
Cache-Control
Caching
max-age=86400, public
Etag
Caching
"1762528692"
Expires
Caching
Sat, 08 Nov 2025 15:18:12 GMT
Last-Modified
Caching
Fri, 07 Nov 2025 15:18:12 GMT

Content Headers

3 headers
Content-Language
Content
en
Content-Length
Content
151005
Content-Type
Content
text/html; charset=UTF-8

Server Headers

0 headers
No server headers found

CORS Headers

0 headers
No CORS headers found

Cookies Headers

1 header
Set-Cookie
Cookies
incap_ses_1840_177663=PrDGTbiJFnjiO7gBw/6IGQc+DmkAAAAANt23fTH4Lybwxc8SvCmXcw==; path=/; Domain=.proofpoint.com; Secure; SameSite=None

Other Headers

16 headers
Date
Other
Fri, 07 Nov 2025 18:44:23 GMT
Feature-Policy
Other
geolocation 'self'
Traceresponse
Other
00-1875c281e1263a8c6da01a50ef04c8d8-328ff0194b676948-01
X-Cache
Other
HIT, HIT
X-Cache-Hits
Other
1, 0
X-Cdn
Other
Imperva
X-Content-Security-Policy
Other
default-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://www.google-analytics.com/analytics.js https://www.googleoptimize.com/optimize.js https://www.googletagmanager.com https://munchkin.marketo.net https://app-abj.marketo.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://geoip-js.com https://ads.avocet.io https://trk.techtarget.com https://j.6sc.co/6si.min.js https://tags.srv.stackadapt.com https://ads.avct.cloud https://js.driftt.com https://js-agent.newrelic.com https://bam.nr-data.net https://cdn.jsdelivr.net/simplemde/latest/simplemde.min.js https://cdn.jsdelivr.net/npm/@json-editor/json-editor@latest/dist/jsoneditor.min.js https://js.adsrvr.org/up_loader.1.1.0.js https://go.affec.tv https://bat.bing.com/bat.js https://s7.addthis.com/js/300/addthis_widget.js https://m.addthis.com https://z.moatads.com https://cdn.jsdelivr.net/npm/datalist-polyfill@latest/datalist-polyfill.min.js https://snap.licdn.com https://tracking.g2crowd.com https://bat.bing.com https://connect.facebook.net https://tags.srv.stackadapt.com *.visualwebsiteoptimizer.com app.vwo.com *.sharethis.com https://unpkg.com/dropzone@5/dist/min/dropzone.min.js https://d1hgczpbubj217.cloudfront.net/video-widget/ https://www.youtube.com/ https://app-static.turtl.co/embed/turtl.embed.v1.js https://js.zi-scripts.com/zi-tag.js *.mutinycdn.com https://www.clarity.ms https://j.6sc.co/j/81ad4853-7699-4145-be50-4c0e963c8034.js *.roundprinceweb.com https://www.redditstatic.com/ads/pixel.js https://go.proofpoint.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.buzzsprout.com/2445401/episodes/*.js https://www.buzzsprout.com https://extend.vimeocdn.com https://cdn.jsdelivr.net/npm/hockeystack@latest/hockeystack.min.js https://js.navattic.com/sdk.js?key=pkey_cm8td7nwb000h03kz70nm8ax3 https://wpaassets.blob.core.windows.net/lib/deployVOA.js https://storage.googleapis.com; object-src 'self'; style-src 'self' 
'unsafe-inline' *.visualwebsiteoptimizer.com app.vwo.com s3.amazonaws.com *; img-src 'self' 'unsafe-inline' data: blob: *.visualwebsiteoptimizer.com chart.googleapis.com wingify-assets.s3.amazonaws.com app.vwo.com * *.mutinycdn.com; media-src 'self'; frame-src 'self' 'unsafe-inline' app.vwo.com *.visualwebsiteoptimizer.com *; frame-ancestors 'self' https://app.mutinyhq.com; child-src 'self' 'unsafe-inline' blob:; worker-src 'self' blob:; font-src 'self' 'unsafe-inline' data: *; connect-src 'self' 'unsafe-inline' *.visualwebsiteoptimizer.com app.vwo.com * *.mutinyhq.com *.mutinyhq.io *.mutinycdn.com; report-uri /report-csp-violation
X-Debug-Info
Other
eyJyZXRyaWVzIjowfQ==
X-Drupal-Dynamic-Cache
Other
UNCACHEABLE
X-Iinfo
Other
59-175941193-175941204 NNNY CT(1 8 0) RT(1762541063564 6) q(0 0 0 20) r(0 0) U18
X-Imperva-Purge-Tags
Other
0zT4,OsDy,6xRn,QIlE,9GyU,+8op,FhFx,iQT5,tYpi,NEI7,dBR+,GLRa,D6JF,dm3B,6k53,IiTq,xkwr,rvDh,8Z0D,WAoV,ACxG,uwDo,G83H,MXuN,qH0M,sk9+,xk0P,g1Av,MXJ0
X-Permitted-Cross-Domain-Policies
Other
none
X-Platform-Server
Other
i-064fa3b07bf73545e
X-Served-By
Other
cache-bur-kbur8200121-BUR, cache-iad-kiad7000156-IAD
X-Timer
Other
S1762541064.591733,VS0,VE1
X-Webkit-Csp
Other
default-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://www.google-analytics.com/analytics.js https://www.googleoptimize.com/optimize.js https://www.googletagmanager.com https://munchkin.marketo.net https://app-abj.marketo.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://geoip-js.com https://ads.avocet.io https://trk.techtarget.com https://j.6sc.co/6si.min.js https://tags.srv.stackadapt.com https://ads.avct.cloud https://js.driftt.com https://js-agent.newrelic.com https://bam.nr-data.net https://cdn.jsdelivr.net/simplemde/latest/simplemde.min.js https://cdn.jsdelivr.net/npm/@json-editor/json-editor@latest/dist/jsoneditor.min.js https://js.adsrvr.org/up_loader.1.1.0.js https://go.affec.tv https://bat.bing.com/bat.js https://s7.addthis.com/js/300/addthis_widget.js https://m.addthis.com https://z.moatads.com https://cdn.jsdelivr.net/npm/datalist-polyfill@latest/datalist-polyfill.min.js https://snap.licdn.com https://tracking.g2crowd.com https://bat.bing.com https://connect.facebook.net https://tags.srv.stackadapt.com *.visualwebsiteoptimizer.com app.vwo.com *.sharethis.com https://unpkg.com/dropzone@5/dist/min/dropzone.min.js https://d1hgczpbubj217.cloudfront.net/video-widget/ https://www.youtube.com/ https://app-static.turtl.co/embed/turtl.embed.v1.js https://js.zi-scripts.com/zi-tag.js *.mutinycdn.com https://www.clarity.ms https://j.6sc.co/j/81ad4853-7699-4145-be50-4c0e963c8034.js *.roundprinceweb.com https://www.redditstatic.com/ads/pixel.js https://go.proofpoint.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.buzzsprout.com/2445401/episodes/*.js https://www.buzzsprout.com https://extend.vimeocdn.com https://cdn.jsdelivr.net/npm/hockeystack@latest/hockeystack.min.js https://js.navattic.com/sdk.js?key=pkey_cm8td7nwb000h03kz70nm8ax3 https://wpaassets.blob.core.windows.net/lib/deployVOA.js https://storage.googleapis.com; object-src 'self'; style-src 'self' 
'unsafe-inline' *.visualwebsiteoptimizer.com app.vwo.com s3.amazonaws.com *; img-src 'self' 'unsafe-inline' data: blob: *.visualwebsiteoptimizer.com chart.googleapis.com wingify-assets.s3.amazonaws.com app.vwo.com * *.mutinycdn.com; media-src 'self'; frame-src 'self' 'unsafe-inline' app.vwo.com *.visualwebsiteoptimizer.com *; frame-ancestors 'self' https://app.mutinyhq.com; child-src 'self' 'unsafe-inline' blob:; worker-src 'self' blob:; font-src 'self' 'unsafe-inline' data: *; connect-src 'self' 'unsafe-inline' *.visualwebsiteoptimizer.com app.vwo.com * *.mutinyhq.com *.mutinyhq.io *.mutinycdn.com; report-uri /report-csp-violation

Recommendations

Enable compression (gzip/brotli) to improve performance

Analysis completed in 1ms