DNS Gurus
Cached · just now
22 Headers

Detected Technologies from Headers

See all in URL Inspect 17
AWS CloudFront logo AWS CloudFront Adobe Fonts (Typekit) logo Adobe Fonts (Typekit) AWS logo AWS Amazon S3 logo Amazon S3 ClearBit logo ClearBit Customer.io logo Customer.io Envoy logo Envoy Font Awesome logo Font Awesome Fullstory logo Fullstory Google Fonts logo Google Fonts Grafana logo Grafana Active incidents HubSpot logo HubSpot HubSpot Analytics logo HubSpot Analytics HubSpot Forms logo HubSpot Forms Intercom logo Intercom Pendo logo Pendo Stripe logo Stripe

HTTP Security Headers

Status
Strict-Transport-Security
Good
max-age=63072000; includeSubDomains
Content-Security-Policy
AWS CloudFront logo
Good
default-src; script-src; style-src; +10 more Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
  • Consider adding 'preload' to HSTS for maximum security
  • Strengthen CSP by removing 'unsafe-eval'
  • Consider adding Permissions-Policy to control browser features

Performance Headers

Connection
Performance
close
Transfer-Encoding
Performance
chunked

Caching Headers

Cache-Control
Caching
no-store
Etag
Caching
W/"06239d17c440ef74cd8568afd5e15586"
Pragma
Caching
no-cache

Content Headers

Content-Type
Content
text/html; charset=utf-8

Server Headers

Server
Envoy logo
Server
istio-envoy
X-Runtime
Server
0.008290

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie
Cookies

Other Headers

Alt-Svc
Other
h3=":443"; ma=2592000
Date
Other
Fri, 01 May 2026 10:35:14 GMT
Via
Other
1.1 google
X-Download-Options
Other
noopen
X-Envoy-Upstream-Service-Time
Envoy logo
Other
11
X-Permitted-Cross-Domain-Policies
Other
none
X-Request-Id
Other
3ad655dd-6ecf-4ac1-96d6-764dea2d1e1a

Recommendations

Enable compression (gzip/brotli) to improve performance