DNS Gurus
Cached · just now
15 Headers

Detected Technologies from Headers

See all in URL Inspect 44
AWS CloudFront logo AWS CloudFront Google AdSense logo Google AdSense Google Maps logo Google Maps Google Tag Manager logo Google Tag Manager Spotify logo Spotify Reddit logo Reddit DataTables logo DataTables Trustpilot logo Trustpilot Google DoubleClick logo Google DoubleClick Google Analytics logo Google Analytics Microsoft Advertising logo Microsoft Advertising Google Conversion Tracking logo Google Conversion Tracking Segment logo Segment Cloudflare CDN logo Cloudflare CDN Datadog logo Datadog Google Static File Front End logo Google Static File Front End LaunchDarkly logo LaunchDarkly Outbrain logo Outbrain TikTok Analytics logo TikTok Analytics Google Fonts logo Google Fonts Twitter logo Twitter Quantcast logo Quantcast Hotjar logo Hotjar Kustomer logo Kustomer LinkedIn logo LinkedIn Contentful logo Contentful Stripe logo Stripe Google Search logo Google Search BootstrapCDN logo BootstrapCDN Cloudflare logo Cloudflare Active incidents Facebook logo Facebook OneTrust logo OneTrust Adobe Fonts (Typekit) logo Adobe Fonts (Typekit) Heap logo Heap Cloudflare CDNJS logo Cloudflare CDNJS jQuery logo jQuery Quora logo Quora YouTube logo YouTube Microsoft Clarity logo Microsoft Clarity Font Awesome logo Font Awesome jsDelivr logo jsDelivr Google Cloud logo Google Cloud Google Cloud Storage logo Google Cloud Storage Express logo Express

HTTP Security Headers

Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
Missing
Not configured Analyze
Content-Security-Policy-Report-Only
AWS CloudFront logo
Good
base-uri; connect-src; default-src; +12 more Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

Performance Headers

Connection
Performance
close
Transfer-Encoding
Performance
chunked

Caching Headers

Cache-Control
Caching
public, max-age=1800

Content Headers

Content-Type
Content
text/html; charset=utf-8

Server Headers

Server
Cloudflare CDN logo
Server
cloudflare
X-Powered-By
Express logo
Server
Express

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie
Cookies

Other Headers

Cf-Cache-Status
Cloudflare CDN logo
Other
DYNAMIC
Cf-Ray
Cloudflare CDN logo
Other
9f5abbfa98f1c97f-IAD
Date
Other
Sat, 02 May 2026 23:16:33 GMT
Reporting-Endpoints
Other
csp-reporting-endpoint="https://csp-report.browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubd4258020965cc5258eee35ac618e9586&dd-evp-origin=content-security-policy&ddsource=csp-report"
X-Ssr-Cache
Other
redis, age: 13m 22s

Recommendations

Enable compression (gzip/brotli) to improve performance

Consider removing X-Powered-By header to hide server technology