Open
Cached
·
just now
18
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Good
max-age=63072000; includeSubDomains
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Consider adding 'preload' to HSTS for maximum security
- • Add Content-Security-Policy header to prevent XSS attacks
- • Consider adding Permissions-Policy to control browser features
Performance Headers
1 headers
Connection
Performance
close
Caching Headers
2 headers
Cache-Control
Caching
max-age=0, private, must-revalidate
Etag
Caching
W/"bb8a6c7eed892a5e9eb5a8829502c6f0"
Content Headers
2 headers
Content-Length
Content
17816
Content-Type
Content
text/html; charset=utf-8
Server Headers
2 headers
Server
Server
Caddy
X-Runtime
Server
0.013284
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
_codebase-website_session=B22rUdTam1NN5rJmH0WYiKhQZjEhTSzFFF4C%2B88t8gzHuWnUclwk9sa3OEeBTnLtAKCF6ccAu9bo9GdjpBcwDzyAlMzrluki3BWV5UydbvbCBnJTOjQQ9qfGdjNfVQy5ADhXeJH3QjsWI3fG0rdjWZlZM0w4RoE6LcQ6OUZCW6vUbl4T3maRkwIeau3cab6bVPLJf3yWcp9AChQwftKdCu6UjMBf2qtXPFaDNZb0%2FTEWYpH7gYv2Hd%2FiHyisLjVIsRfQ4nfPD0p2LJV0cizjso27O0nh6Rl5LCMmJKh8Z5ht--z9ZIDOIcVtg33aS4--mi%2F3qG%2B2ipCULF7ZkoZaCQ%3D%3D; path=/; secure; HttpOnly; SameSite=Lax
Other Headers
5 headers
Date
Other
Mon, 29 Dec 2025 03:43:50 GMT
Link
Other
</assets/application-ae775ce84fb7a0617f37dfaa0514f11b919c178e85e072d9a3bb702a45dc19bc.css>; rel=preload; as=style; nopush,</assets/application-432b34a5309248c7ebf2b3c2d17c1457e0e13747be932a7ad3fc132e3437031b.js>; rel=preload; as=script; nopush
X-Download-Options
Other
noopen
X-Permitted-Cross-Domain-Policies
Other
none
X-Request-Id
Other
b5b3e1e6-57b3-4c39-8069-c7c352affd2e
Recommendations
Enable compression (gzip/brotli) to improve performance
Analysis completed in 669ms