HTTP Headers Analysis for https://api.eu.aws.sigmacomputing.com

Detected Technologies from Headers

See all in URL Inspect 2

Cloudflare CDN

Envoy

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=15552000; includeSubDomains

Content-Security-Policy

Good

default-src; base-uri; block-all-mixed-content; +8 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

no-referrer

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Strengthen CSP by removing 'unsafe-eval'
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

Vary

Performance

Origin, Accept-Encoding

connection: close
vary: Origin, Accept-Encoding

Caching Headers

Cache-Control

Caching

no-store, no-cache, must-revalidate, proxy-revalidate

Etag

Caching

W/"2-eoX0dku9ba8cNUXvu/DyeabcC+s"

Expires

Caching

0

Pragma

Caching

no-cache

cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
etag: W/"2-eoX0dku9ba8cNUXvu/DyeabcC+s"
expires: 0
pragma: no-cache

Content Headers

Content-Length

Content

2

Content-Type

Content

text/plain; charset=utf-8

content-length: 2
content-type: text/plain; charset=utf-8

Server Headers

Server

cloudflare

server: cloudflare

CORS Headers

Access-Control-Allow-Credentials

Cors

true

Access-Control-Expose-Headers

Cors

X-Sigma-Result-Age,X-Sigma-Result-Refresh-At,X-Sigma-Cache-Op,X-Sigma-Materialization-Age,X-Sigma-Materialization-Status,Alt-Svc,CF-RAY,CF-Cache-Status,ETag,Surrogate-Control,Vary,Via,X-Request-Id

access-control-allow-credentials: true
access-control-expose-headers: X-Sigma-Result-Age,X-Sigma-Result-Refresh-At,X-Sigma-Cache-Op,X-Sigma-Materialization-Age,X-Sigma-Materialization-Status,Alt-Svc,CF-RAY,CF-Cache-Status,ETag,Surrogate-Control,Vary,Via,X-Request-Id

Cookies Headers

Set-Cookie

Cookies

set-cookie: __cf_bm=5XPbEWU.jJ1NCN4RunEok6dk.EmqyJlT7OOcERuMlaA-1776036497.4664009-1.0.1.1-PnP1nRZpx8pvUZYP2oTI0ZsMNob.15cSQ7Zac91qJ1QL1db1ozroAlG0P1i5xqmyyQ89D_EvefsZdCUxAoj_A5.Hh0bwo0JnFj2hTi1EnGUX8KeYoNaDi.78SIX1.3d6; HttpOnly; Secure; Path=/; Domain=sigmacomputing.com; Expires=Sun, 12 Apr 2026 23:58:17 GMT

Other Headers

Alt-Svc

Other

h3=":443"; ma=86400

Cf-Apo-Via

Other

origin,host

Cf-Cache-Status

Other

DYNAMIC

Cf-Ray

Other

9eb601ad29c20597-IAD

Date

Other

Sun, 12 Apr 2026 23:28:17 GMT

Surrogate-Control

Other

no-store

X-Dns-Prefetch-Control

Other

off

X-Download-Options

Other

noopen

X-Envoy-Upstream-Service-Time

Other

3

X-Permitted-Cross-Domain-Policies

Other

none

alt-svc: h3=":443"; ma=86400
cf-apo-via: origin,host
cf-cache-status: DYNAMIC
cf-ray: 9eb601ad29c20597-IAD
date: Sun, 12 Apr 2026 23:28:17 GMT
surrogate-control: no-store
x-dns-prefetch-control: off
x-download-options: noopen
x-envoy-upstream-service-time: 3
x-permitted-cross-domain-policies: none

Recommendations

Enable compression (gzip/brotli) to improve performance