DNS Gurus

HTTP Headers Analysis for https://codepen.io

Analyzed on November 02, 2025 at 19:11 UTC

URL: https://codepen.io | Status: 200

22 Headers
Total Found

HTTP Security Headers

Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
Basic
default-src; base-uri; block-all-mixed-content; +10 more
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
  • Improve CSP by adding more specific directives and removing 'unsafe-inline'
  • Consider adding Permissions-Policy to control browser features

Performance Headers

2 headers
Connection
Performance
keep-alive
Transfer-Encoding
Performance
chunked

Caching Headers

1 headers
Cache-Control
Caching
max-age=0, private, must-revalidate

Content Headers

1 headers
Content-Type
Content
text/html; charset=utf-8

Server Headers

2 headers
Server
Server
cloudflare
X-Runtime
Server
0.012769

CORS Headers

0 headers
No CORS headers found

Cookies Headers

1 headers
Set-Cookie
Cookies
__cfruid=9405a6614314fa5cbb5d3a2622e3353a1af53361-1762110689; path=/; domain=.codepen.io; HttpOnly; Secure; SameSite=None

Other Headers

9 headers
Alt-Svc
Other
h3=":443"; ma=86400
Cf-Cache-Status
Other
DYNAMIC
Cf-Ray
Other
9985f01fff5d57dc-IAD
Date
Other
Sun, 02 Nov 2025 19:11:29 GMT
Link
Other
<https://cpwebassets.codepen.io/assets/global/global-4c552521fc67172f930c95c8ef149c2b154f64fa33836c56c785fec636b1354e.css>; rel=preload; as=style; nopush,<https://cpwebassets.codepen.io/assets/page/page-f0d7b495e63e1bc150e9d461c0ba20300ce8893aeb3cbf80995b95271e4720ae.css>; rel=preload; as=style; nopush,<https://cpwebassets.codepen.io/assets/packs/css/everypage-836032f2.css>; rel=preload; as=style; nopush,<https://cpwebassets.codepen.io/assets/common/browser_support-2c1a3d31dbc6b5746fb7dacdbc81dd613906db219f13147c66864a6c3448246c.js>; rel=preload; as=script; nopush,<https://cpwebassets.codepen.io/assets/packs/js/vendor-86cf3ca7c141ece8e9f9.chunk.js>; rel=preload; as=script; nopush,<https://cpwebassets.codepen.io/assets/packs/js/3-1a61f8fcfb5bb832c2f7.chunk.js>; rel=preload; as=script; nopush,<https://cpwebassets.codepen.io/assets/packs/js/everypage-f54cc99606cd8fd5f489.js>; rel=preload; as=script; nopush,<https://cpwebassets.codepen.io/assets/packs/js/referrer-tracking-3023957ef831854a1933.js>; rel=preload; as=script; nopush
Speculation-Rules
Other
"/cdn-cgi/speculation"
X-Download-Options
Other
noopen
X-Permitted-Cross-Domain-Policies
Other
none
X-Request-Id
Other
7ae03a55-7372-430b-9a58-bc3db7f20a8e

Recommendations

Enable compression (gzip/brotli) to improve performance

Analysis completed in 0ms