Open
Cached
·
just now
18
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Good
max-age=63072000; includeSubDomains
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Consider adding 'preload' to HSTS for maximum security
- • Add Content-Security-Policy header to prevent XSS attacks
- • Consider adding Permissions-Policy to control browser features
Performance Headers
1 headers
Connection
Performance
close
Caching Headers
2 headers
Cache-Control
Caching
max-age=0, private, must-revalidate
Etag
Caching
W/"7560e730612b927001a1cda5ae25f1d9"
Content Headers
2 headers
Content-Length
Content
17979
Content-Type
Content
text/html; charset=utf-8
Server Headers
2 headers
Server
Server
Caddy
X-Runtime
Server
0.012939
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
_codebase-website_session=0ZEgqvFn2EgpzEBfMRqDv72MED9mfOqg2F%2FwCG91IZcwFp3eZBw5nriudJkRdrx2vKOdUnz1O9IpzEDRVmTKxE%2FVtu5Pab7lJFOcsRTiLwfYYGTbjAVMd8Q7oSdUOb97nCtMkfDAs5Xx7GcYxoyeG0pxMjgZWV6lSuCGBtKySAE45wgs%2Fp9S1A%2BB1yiv4p0cPgbuSZ4cOk4Zm4Q6I740dzXMQDFgnYqhIcZqiopYrlB%2FlgQt7%2F7ajKzY%2BtMhuOtx0j8JohmHTmkF4pz%2BE1erdpBnkLASLvv%2BbaDcm%2B%2BTS5aK--CnXGld8J0MeoBtSM--coc1ByNkR9Nan9nc1hZZYw%3D%3D; path=/; secure; HttpOnly; SameSite=Lax
Other Headers
5 headers
Date
Other
Sat, 27 Dec 2025 22:01:29 GMT
Link
Other
</assets/application-ae775ce84fb7a0617f37dfaa0514f11b919c178e85e072d9a3bb702a45dc19bc.css>; rel=preload; as=style; nopush,</assets/application-432b34a5309248c7ebf2b3c2d17c1457e0e13747be932a7ad3fc132e3437031b.js>; rel=preload; as=script; nopush
X-Download-Options
Other
noopen
X-Permitted-Cross-Domain-Policies
Other
none
X-Request-Id
Other
32a42b12-ab91-4147-9e8e-bf0615bea968
Recommendations
Enable compression (gzip/brotli) to improve performance
Analysis completed in 710ms