Open
Cached
·
just now
19
Headers
Detected Technologies from Headers
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
camera=(), microphone=(), geolocation=()
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
Performance Headers
3 headers
Connection
close
Transfer-Encoding
chunked
Vary
Accept-Encoding
Caching Headers
2 headers
Cache-Control
max-age=0, private, must-revalidate
Etag
W/"c022f0a5b5927ee20da3c8665e9dc09c"
Content Headers
1 headers
Content-Type
text/html; charset=utf-8
Server Headers
2 headers
Server
Caddy
X-Runtime
0.032833
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
_deploy_website_session=B0u6xGhcGvTjgWrVIZIz2WBqm6Jv%2FXlB80WMVQ0r6PcCIevg6LP1JAKpEzc4AxojHceYl6RH2g7LKaZRsZ8Z0vgwBKIXk6hWoLuGlirZR%2Bd8dbU7dsZGFeH8bLbAQVmYJ%2FeKgIjyXuuk9po0%2FvolDNy8%2FIGvGlNgUjDKGkLJtaCrA%2B2Qfdoph%2FmZ60QWzXM68KIwPyOarVYoI5JCfQ5Of%2F53E3P3%2FkCewLaERNGoBasrm9XkPw6pIMyNub8Le5Dyk5KosqcXfOWDqcSCtBxCwV%2FOCUoOr7Ycgll0ZrWagHatV3%2FL%2Bgz7kFF3ri%2BCjttWPS7Sz7z9uvVRPparA5nVlbbI9a2TH9KfwtfJ0n1JKoyOqND0uUattdOTVaPfIqSFVmw1K9txdzUWlS5%2FAN1%2Fcj9kAnSmAcyhaqWQNlPtaQ%3D%3D--IvAPgduXgX8hgETO--KkflvQm%2BLqgcFlMxdRFxZQ%3D%3D; path=/; HttpOnly; SameSite=Lax
Other Headers
5 headers
Date
Mon, 16 Feb 2026 08:13:37 GMT
Link
</packs/js/application-5ae86f1b3d46a147a396.js>; rel=preload; as=script; nopush,</assets/application-0445777e9fa0cda23c4a5ae5e89f013a18a5712e4a91df01549188b1e21c8746.css>; rel=preload; as=style; nopush
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
1132cbd6-e50f-4afd-ad53-347f59cdb1bd
Recommendations
Enable compression (gzip/brotli) to improve performance