DNS Gurus
Open Cached · just now
13 Headers

HTTP Security Headers

Status
Strict-Transport-Security
Present
max-age=63072000
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Increase HSTS max-age to at least 1 year and add includeSubDomains
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

Performance Headers

0 headers
No performance headers found

Caching Headers

3 headers
Age
Caching
10
Cache-Control
Caching
public, max-age=0, must-revalidate
Etag
Caching
"14ezxq3jz5y54rv"

Content Headers

2 headers
Content-Length
Content
239528
Content-Type
Content
text/html; charset=utf-8

Server Headers

1 headers
Server
Server
Vercel

CORS Headers

0 headers
No CORS headers found

Cookies Headers

0 headers
No cookies headers found

Other Headers

6 headers
Content-Security-Policy-Report-Only
Other
default-src 'self' wwwv2.tailscale.com; script-src 'self' wwwv2.tailscale.com bat.bing.com cdn.rudderlabs.com www.google-analytics.com www.googletagmanager.com www.google.com *.mutinycdn.com js.hs-scripts.com js.hs-banner.com js.hubspot.com js.hs-analytics.com *.hsforms.net unpkg.com snap.licdn.com www.redditstatic.com https://bwa.marketplace.awsstatic.com widget.kapa.ai; connect-src 'self' wwwv2.tailscale.com login.tailscale.com bat.bing.com *.mutinyhq.io *.mutinycdn.com analytics.google.com www.google-analytics.com cdn.sanity.io unpkg.com *.rudderstack.com *.hubspot.com www.redditstatic.com pixel-config.reddit.com px.ads.linkedin.com https://medley.prod.irtysh.dubai.aws.dev proxy.kapa.ai kapa-widget-proxy-la7dkmplpq-uc.a.run.app metrics.kapa.ai; img-src 'self' wwwv2.tailscale.com cdn.sanity.io lh3.googleusercontent.com www.google-analytics.com *.hsforms.com alb.reddit.com px.ads.linkedin.com bat.bing.com track.hubspot.com; frame-ancestors 'none'; form-action 'self' wwwv2.tailscale.com; base-uri 'self' wwwv2.tailscale.com; block-all-mixed-content; object-src 'self' wwwv2.tailscale.com; report-to csp-endpoint; report-uri https://login.tailscale.com/csp-report;
Date
Other
Fri, 31 Oct 2025 23:52:46 GMT
Reporting-Endpoints
Other
csp-endpoint="https://login.tailscale.com/csp-report"
X-Matched-Path
Other
/
X-Vercel-Cache
Other
HIT
X-Vercel-Id
Other
iad1::iad1::nqm24-1762136563122-3a47ca7b3622

Recommendations

Enable compression (gzip/brotli) to improve performance

Analysis completed in 47ms