Open
Cached
·
just now
19
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
camera=(), microphone=(), geolocation=()
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
Performance Headers
3 headers
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
Accept-Encoding
Caching Headers
2 headers
Cache-Control
Caching
max-age=0, private, must-revalidate
Etag
Caching
W/"dd5699fd1a1e9099b1c59a0f74f5c54b"
Content Headers
1 headers
Content-Type
Content
text/html; charset=utf-8
Server Headers
2 headers
Server
Server
Caddy
X-Runtime
Server
0.056138
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
_deploy_website_session=bhPh63%2FooNE3jjagRV8kl0AzZ2sJVk0vA4SH26R7JnHbhodLrOb8WiNV9watWleUBFeSz1yVaH0G998XYSIbam6itqy%2FLOMjmdf4esfg1E4it3%2BRq6urZaT%2FZjMFmXg6vhE%2BuqJBeNk4bf8LuSSiyhCiOaziXzxlJbt1Kl2ArsgfiaMyIUwDi8FQKvp4AnZgYV3mFnDNVFsmrQaMVFCsrCCGeLZfVxUNt2Y8CTc4%2FFAWXf9auIg8O5%2FR8uxYgNSSh8iyDA1G5rgIzNG1ZwbT9i2ml8kvI66K5EFQQnWNldQPQ6Q0SLCc5nIr9o1eMr2ozGPXS9xQY7lcc13WWlswAtJ5RIUuboLvCe8pBPyGgiTj6%2Fu2jZdzzgRD2qBa%2Bp%2BJTINwJTUjGpFyuuR5%2BWz9Gl%2FJQY%2FOiB9jBP%2FytPpIfw%3D%3D--yplYl%2B68Lls9HzGN--gYs3qxIXGLeJOHADfE3QPw%3D%3D; path=/; HttpOnly; SameSite=Lax
Other Headers
5 headers
Date
Other
Sun, 08 Feb 2026 06:53:19 GMT
Link
Other
</packs/js/application-97fbef055cb3315ea078.js>; rel=preload; as=script; nopush,</assets/application-2ca389f63b60f629f06800d25689aae9ec8022b69c52806e0e712cd51b5c1fca.css>; rel=preload; as=style; nopush
X-Download-Options
Other
noopen
X-Permitted-Cross-Domain-Policies
Other
none
X-Request-Id
Other
b62b5b94-4190-4975-ad52-71d749c8414e
Recommendations
Enable compression (gzip/brotli) to improve performance