DNS Gurus
Open Cached · just now
33 Headers

HTTP Security Headers

Status
Strict-Transport-Security
Excellent
max-age=31536000, includeSubDomains, preload
Content-Security-Policy
Basic
default-src; script-src; object-src; +10 more
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Present
origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
  • Improve CSP by adding more specific directives and removing 'unsafe-inline'
  • Consider adding Permissions-Policy to control browser features

Performance Headers

3 headers
Accept-Ranges
Performance
bytes
Connection
Performance
keep-alive
Vary
Performance
Cookie

Caching Headers

5 headers
Age
Caching
70634
Cache-Control
Caching
max-age=86400, public
Etag
Caching
"1762417733"
Expires
Caching
Fri, 07 Nov 2025 08:28:54 GMT
Last-Modified
Caching
Thu, 06 Nov 2025 08:28:53 GMT

Content Headers

3 headers
Content-Language
Content
en
Content-Length
Content
156254
Content-Type
Content
text/html; charset=UTF-8

Server Headers

0 headers
No server headers found

CORS Headers

0 headers
No CORS headers found

Cookies Headers

1 headers
Set-Cookie
Cookies
incap_ses_1607_177663=zvzJBFvRvCm76o9UejZNFjBwDWkAAAAAnZP612BTLpI7R52whOsNsQ==; path=/; Domain=.proofpoint.com; Secure; SameSite=None

Other Headers

16 headers
Date
Other
Fri, 07 Nov 2025 04:06:09 GMT
Feature-Policy
Other
geolocation 'self'
Traceresponse
Other
00-18755d9763675f1d28bf6722f51893d5-c9e57417763dba15-01
X-Cache
Other
HIT, HIT
X-Cache-Hits
Other
20, 0
X-Cdn
Other
Imperva
X-Content-Security-Policy
Other
default-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://www.google-analytics.com/analytics.js https://www.googleoptimize.com/optimize.js https://www.googletagmanager.com https://munchkin.marketo.net https://app-abj.marketo.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://geoip-js.com https://ads.avocet.io https://trk.techtarget.com https://j.6sc.co/6si.min.js https://tags.srv.stackadapt.com https://ads.avct.cloud https://js.driftt.com https://js-agent.newrelic.com https://bam.nr-data.net https://cdn.jsdelivr.net/simplemde/latest/simplemde.min.js https://cdn.jsdelivr.net/npm/@json-editor/json-editor@latest/dist/jsoneditor.min.js https://js.adsrvr.org/up_loader.1.1.0.js https://go.affec.tv https://bat.bing.com/bat.js https://s7.addthis.com/js/300/addthis_widget.js https://m.addthis.com https://z.moatads.com https://cdn.jsdelivr.net/npm/datalist-polyfill@latest/datalist-polyfill.min.js https://snap.licdn.com https://tracking.g2crowd.com https://bat.bing.com https://connect.facebook.net https://tags.srv.stackadapt.com *.visualwebsiteoptimizer.com app.vwo.com *.sharethis.com https://unpkg.com/dropzone@5/dist/min/dropzone.min.js https://d1hgczpbubj217.cloudfront.net/video-widget/ https://www.youtube.com/ https://app-static.turtl.co/embed/turtl.embed.v1.js https://js.zi-scripts.com/zi-tag.js *.mutinycdn.com https://www.clarity.ms https://j.6sc.co/j/81ad4853-7699-4145-be50-4c0e963c8034.js *.roundprinceweb.com https://www.redditstatic.com/ads/pixel.js https://go.proofpoint.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.buzzsprout.com/2445401/episodes/*.js https://www.buzzsprout.com https://extend.vimeocdn.com https://cdn.jsdelivr.net/npm/hockeystack@latest/hockeystack.min.js https://js.navattic.com/sdk.js?key=pkey_cm8td7nwb000h03kz70nm8ax3 https://wpaassets.blob.core.windows.net/lib/deployVOA.js https://storage.googleapis.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.visualwebsiteoptimizer.com app.vwo.com s3.amazonaws.com *; img-src 'self' 'unsafe-inline' data: blob: *.visualwebsiteoptimizer.com chart.googleapis.com wingify-assets.s3.amazonaws.com app.vwo.com * *.mutinycdn.com; media-src 'self'; frame-src 'self' 'unsafe-inline' app.vwo.com *.visualwebsiteoptimizer.com *; frame-ancestors 'self' https://app.mutinyhq.com; child-src 'self' 'unsafe-inline' blob:; worker-src 'self' blob:; font-src 'self' 'unsafe-inline' data: *; connect-src 'self' 'unsafe-inline' *.visualwebsiteoptimizer.com app.vwo.com * *.mutinyhq.com *.mutinyhq.io *.mutinycdn.com; report-uri /report-csp-violation
X-Debug-Info
Other
eyJyZXRyaWVzIjowfQ==
X-Drupal-Dynamic-Cache
Other
MISS
X-Iinfo
Other
55-148715394-148715405 SNNy RT(1762488369212 29) q(0 0 0 0) r(0 0) U18
X-Imperva-Purge-Tags
Other
0zT4,OsDy,6xRn,QIlE,9GyU,+8op,FhFx,iQT5,tYpi,QVjn,dBR+,GLRa,D6JF,dm3B,6k53,IiTq,xkwr,XEia,x77j,lZYo,D38W,us3D,eNsJ,QO46,Yy6K,Ph9s,B9eS,rSwo,pOtC,aor9,91Sn,bZmL,oYr8,ZnXr,dzbK,62pa,7rJV,wHdB,t/FV,USp7,CpJf,jvBH,p5cq,sZMR,DHKI,xNjF,ccT3,n2mc,ZhY/,448A,Hv0G,ZKxq,BGwK,kTMP,WCkL,2f5J,VTqQ,aNK6,KVNK,dq7W,bMho,DbEx,sDNg,+9Om,W5+b,E0Ml,Zmi2,c3J6,FU8Q,sLH6,xWa2,mSGv,xa9z,utCY,20o+,WAoV,ACxG,uwDo,G83H,MXuN,qH0M,sk9+,lsvV,eLy8
X-Permitted-Cross-Domain-Policies
Other
none
X-Platform-Server
Other
i-06272672b2db4442a
X-Served-By
Other
cache-bur-kbur8200133-BUR, cache-iad-kiad7000096-IAD
X-Timer
Other
S1762488369.243249,VS0,VE2
X-Webkit-Csp
Other
default-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://www.google-analytics.com/analytics.js https://www.googleoptimize.com/optimize.js https://www.googletagmanager.com https://munchkin.marketo.net https://app-abj.marketo.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://geoip-js.com https://ads.avocet.io https://trk.techtarget.com https://j.6sc.co/6si.min.js https://tags.srv.stackadapt.com https://ads.avct.cloud https://js.driftt.com https://js-agent.newrelic.com https://bam.nr-data.net https://cdn.jsdelivr.net/simplemde/latest/simplemde.min.js https://cdn.jsdelivr.net/npm/@json-editor/json-editor@latest/dist/jsoneditor.min.js https://js.adsrvr.org/up_loader.1.1.0.js https://go.affec.tv https://bat.bing.com/bat.js https://s7.addthis.com/js/300/addthis_widget.js https://m.addthis.com https://z.moatads.com https://cdn.jsdelivr.net/npm/datalist-polyfill@latest/datalist-polyfill.min.js https://snap.licdn.com https://tracking.g2crowd.com https://bat.bing.com https://connect.facebook.net https://tags.srv.stackadapt.com *.visualwebsiteoptimizer.com app.vwo.com *.sharethis.com https://unpkg.com/dropzone@5/dist/min/dropzone.min.js https://d1hgczpbubj217.cloudfront.net/video-widget/ https://www.youtube.com/ https://app-static.turtl.co/embed/turtl.embed.v1.js https://js.zi-scripts.com/zi-tag.js *.mutinycdn.com https://www.clarity.ms https://j.6sc.co/j/81ad4853-7699-4145-be50-4c0e963c8034.js *.roundprinceweb.com https://www.redditstatic.com/ads/pixel.js https://go.proofpoint.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.buzzsprout.com/2445401/episodes/*.js https://www.buzzsprout.com https://extend.vimeocdn.com https://cdn.jsdelivr.net/npm/hockeystack@latest/hockeystack.min.js https://js.navattic.com/sdk.js?key=pkey_cm8td7nwb000h03kz70nm8ax3 https://wpaassets.blob.core.windows.net/lib/deployVOA.js https://storage.googleapis.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.visualwebsiteoptimizer.com app.vwo.com s3.amazonaws.com *; img-src 'self' 'unsafe-inline' data: blob: *.visualwebsiteoptimizer.com chart.googleapis.com wingify-assets.s3.amazonaws.com app.vwo.com * *.mutinycdn.com; media-src 'self'; frame-src 'self' 'unsafe-inline' app.vwo.com *.visualwebsiteoptimizer.com *; frame-ancestors 'self' https://app.mutinyhq.com; child-src 'self' 'unsafe-inline' blob:; worker-src 'self' blob:; font-src 'self' 'unsafe-inline' data: *; connect-src 'self' 'unsafe-inline' *.visualwebsiteoptimizer.com app.vwo.com * *.mutinyhq.com *.mutinyhq.io *.mutinycdn.com; report-uri /report-csp-violation

Recommendations

Enable compression (gzip/brotli) to improve performance

Analysis completed in 191ms