DNS Gurus
Cached · just now
22 Headers

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Basic
default-src; child-src; connect-src; +8 more
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Improve CSP by adding more specific directives and removing 'unsafe-inline'
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

Performance Headers

3 headers
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
Origin

Caching Headers

1 headers
Cache-Control
Caching
max-age=0, private, must-revalidate

Content Headers

1 headers
Content-Type
Content
text/html; charset=utf-8

Server Headers

2 headers
Server
Server
cloudflare
X-Runtime
Server
0.158106

CORS Headers

0 headers
No CORS headers found

Cookies Headers

1 headers
Set-Cookie
Cookies
_gumroad_app_session=huZ%2FzSA6qjQXaluW%2Fzcp7CUnJ1yK0R0ke6JO0%2FyMZTqTyWtmH3pn5Y4fejr0d0d72iPFXXNZ3g66NFe3wHLig8xa4KBxt%2Bg5E0ZKi%2B8e98bnVd3QdzHO%2FSf3GTy94ega3H%2BWnoPckz46S8wiXKG1ZBEMlBNMT99Mzk8OYS0Hw2CuUGkHQeTHj1VRRD3vomy4gmS7wuKhJ4o8pqKLGYUQkliq7DfQ3ZYrgdmr3iCzmaIMDBbVb%2F5EOHMYPt8mIZZfIRGcVChSSeciEvVk2YZ12Tr47pr8HA8SNi8p1bI6YNqQyLX3U3PfaEqteqN7hTOVVt0XniZisokUD2C6USHAIH%2FilXTU3iqbvw4x76zzB%2BuzupylOXRg91DP%2BcrsUA%3D%3D--sHAwL7LWatNzu54c--K2uLMrFW5r6nAHryLVCYdQ%3D%3D; domain=gumroad.com; path=/; expires=Fri, 30 Jan 2026 01:34:17 GMT; secure; httponly; samesite=lax

Other Headers

11 headers
Alt-Svc
Other
h3=":443"; ma=86400
Cf-Cache-Status
Other
DYNAMIC
Cf-Ray
Other
9b5dcb3b6aea8be2-IAD
Date
Other
Tue, 30 Dec 2025 01:34:17 GMT
Link
Other
<https://assets.gumroad.com/packs/css/design-04391acc.css>; rel=preload; as=style; crossorigin=anonymous; nopush,<https://assets.gumroad.com/assets/application-cbf244e9109e70d7b04497041636f00173a1e588f9b879b3a3ef11f8dfb86e5c.js>; rel=preload; as=script; nopush
X-Download-Options
Other
noopen
X-Gr
Other
PROD
X-Original-Headers-Class
Other
Rack::Headers
X-Permitted-Cross-Domain-Policies
Other
none
X-Request-Id
Other
2af88e66-f31b-406d-a5bf-09626ce88f27
X-Revision
Other
af909f63fdda

Recommendations

Enable compression (gzip/brotli) to improve performance