Open
Cached
·
just now
18
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Consider adding Permissions-Policy to control browser features
Performance Headers
1 headers
Connection
Performance
close
Caching Headers
2 headers
Cache-Control
Caching
max-age=0, private, must-revalidate
Etag
Caching
W/"5732faef86fed4b1cef9f7e6f0903561"
Content Headers
2 headers
Content-Length
Content
35536
Content-Type
Content
text/html; charset=utf-8
Server Headers
2 headers
Server
Server
Caddy
X-Runtime
Server
0.028263
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
session=9N7P2Vis6ooncmcHd2hhCVsYTaoUgETQCHq3bT0PvXrTlzVtOUOpOekxbj0jahcETb5vxdpZJDRRE0hyzcx2hA%2BL4LLTEKPG4%2Ba4R1VWjapHh69X11MYsWlwKpVChFGOx4Ee1S7n%2B9Da4IS%2BoORoWB%2FoTINlG907S%2FN51dHiSOVgDveXjAi1E8T6pjkoYy5%2FAFNSJHnRq9GsKnfsEyEOAZEsRjZ6qwX6rA0C0W%2FKPcScJyqM7%2FQ%2BFI4EgB%2BgEn4mcvYn0pAiUSFMBWPJ%2BuNBDgt8Xe9sQZyxDRw3Cr%2BI29Zp1Yk%3D--Hj4iqncIy3ZXTJ7f--BrrHQZXbSmwYBYMiHRKDZA%3D%3D; path=/; httponly; samesite=lax
Other Headers
6 headers
Alt-Svc
Other
h3=":443"; ma=2592000
Date
Other
Mon, 02 Feb 2026 20:59:19 GMT
Link
Other
<https://www.mocoapp.com/dist/app-acdc3423d349dbcbaa66-1.css>; rel=preload; as=style; crossorigin=anonymous; nopush,<https://www.mocoapp.com/dist/app-acdc3423d349dbcbaa66-1.js>; rel=preload; as=script; crossorigin=anonymous; nopush
X-Download-Options
Other
noopen
X-Permitted-Cross-Domain-Policies
Other
none
X-Request-Id
Other
b399dd41-257a-4db1-8762-6cd628063844
Recommendations
Enable compression (gzip/brotli) to improve performance