Open
Cached
·
just now
19
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
Performance Headers
2 headers
Connection
Performance
Transfer-Encoding
Transfer-Encoding
Performance
chunked
Caching Headers
0 headers
No caching headers found
Content Headers
1 headers
Content-Type
Content
text/html;charset=utf-8
Server Headers
1 headers
Server
Server
istio-envoy
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
bm_sz=A9C5056836352CDAD9859C83876A5A4A~YAAQ8cgwF6YaVeabAQAAT6FJ6h4qF6eOB6EDiDsbDhXCCPePXwHY7JXdfGV1LY8EPlo6MIq+7YgFFRn7hzOyz+twbu/FpGr5EqI+3YO9YnshwM61yHr+8f2GA+LcCVXjgqcto8BemmEEYRvEYECoPeKKEk3ZpPdf8EaFfkLU4vL7QVnqbQKDMk0nRezmowToXA2yPGL4ysUCXd+ox0a1gO6oGTsBJKX0+A6Rk9B59Y0DvlCQRHRC7UmlmG4V0aoVNQog1iRANHR8v2OLSUlgKhnpjBHeQL07GDpjOwL6yEC78jhjJMNctYySx1jYcC2/yeuxP4sMRJ9dCFkUVfa4U/QpugvP+zg31zxz9dMcdRAY~3688002~3228979; Domain=.mailchimp.com; Path=/; Expires=Fri, 23 Jan 2026 13:57:32 GMT; Max-Age=14400; SameSite=None; Secure
Other Headers
12 headers
Date
Other
Fri, 23 Jan 2026 09:57:32 GMT
Intuit_tid
Other
1-6973460c-3b4e40ae3466ade705bb1f70
X-Akamai-Transformed
Other
0 - 0 -
X-Amzn-Trace-Id
Other
Root=1-6973460c-3b4e40ae3466ade705bb1f70
X-Edgeconnect-Midmile-Rtt
Other
0
X-Edgeconnect-Origin-Mex-Latency
Other
348
X-Envoy-Decorator-Operation
Other
http-interposer-desired-service.mailchimp-cloud-httpinterposer-use2-prd-m2.svc.cluster.local:8090/*
X-Envoy-Upstream-Service-Time
Other
321
X-Plums-Vary
Other
Accept-Encoding, Accept-Language, Cookie
X-Request-Id
Other
1-6973460c-3b4e40ae3466ade705bb1f70
X-Spanid
Other
ee6f5b84-d301-be19-0ad1-1e261c7e3f36
X-Ua-Compatible
Other
IE=edge,chrome=1
Recommendations
Enable compression (gzip/brotli) to improve performance
Add Cache-Control header to optimize caching