DNS Gurus
Open Cached · just now
24 Headers

HTTP Security Headers

Status
Strict-Transport-Security
Present
max-age=2592000; includeSubDomains; preload
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
  • Increase HSTS max-age to at least 1 year and add includeSubDomains
  • Add Content-Security-Policy header to prevent XSS attacks
  • Consider adding Permissions-Policy to control browser features

Performance Headers

2 headers
Connection
Performance
keep-alive
Transfer-Encoding
Performance
chunked

Caching Headers

1 headers
Cache-Control
Caching
max-age=0, private, must-revalidate

Content Headers

1 headers
Content-Type
Content
text/html; charset=utf-8

Server Headers

2 headers
Server
Server
cloudflare
X-Runtime
Server
0.199652

CORS Headers

0 headers
No CORS headers found

Cookies Headers

1 headers
Set-Cookie
Cookies
_chatwoot_session=RWLP5c7Ggxo%2BY9Yv5pYEJ5Aqv0ZRZt2heqg0Flusq%2BCGNH8HJ%2BpXG39pNUFje7rAUndpXkDK7vymkyX8HRpcNWNvk%2BOo5cV1tH3UVbEaiQ34b1tTYT3R%2Bm%2BkVKBaOVYmhbwJkzVYCLriGuc8PuelRfQ7e8MdMIo4P%2Fd9K6ig3i8T7JmeI4dEA0vt1LeNfJlZaGLZ%2B%2FbktjkBVDWVdGrVRlngSQeFW1njncQOjdMRC%2Fsl51gCXFxpyKo3M%2BryWISpByIW8%2FVo%2BQ%2FBY45hzTLp50i1noCWZSn%2FAA%3D%3D--9JUTMAdQ%2B%2Fwf3%2FhT--3rGZ4oUN%2FiPoEUxj5J1Hng%3D%3D; HttpOnly; SameSite=Lax; Path=/

Other Headers

12 headers
Alt-Svc
Other
h3=":443"; ma=86400
Cf-Cache-Status
Other
DYNAMIC
Cf-Ray
Other
99f9fb96cb640674-IAD
Date
Other
Sun, 16 Nov 2025 21:11:47 GMT
Link
Other
</packs/js/portal-1ac505494f63fc0f94ef.js>; rel=preload; as=script; nopush,</packs/css/portal-634275a1.css>; rel=preload; as=style; nopush
Nel
Other
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Report-To
Other
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=FmKqqtghS4cjnkKlUsBnI9qsQXbIxbpq8En6o1CML%2FxdlDfUry9HM784DxMv9Byp%2BUlYoqVT2YjXbRRlUAxHqYDJ70lPg2vzq7ctMLmEih4bgQ%3D%3D"}]}
Server-Timing
Other
cfEdge;dur=297,cfOrigin;dur=310
Via
Other
1.1 google
X-Download-Options
Other
noopen
X-Permitted-Cross-Domain-Policies
Other
none
X-Request-Id
Other
2fcb9136-eb22-4683-9933-8458b443b99e

Recommendations

Enable compression (gzip/brotli) to improve performance

Analysis completed in 681ms