HTTP Headers Analysis for https://embed.music.apple.com

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=31536000; includeSubDomains

Content-Security-Policy

Basic

default-src; img-src; style-src; +4 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

connection: close

Caching Headers

Cache-Control

Caching

no-transform, max-age=60

Etag

Caching

"262aed02ff1e1a2a1b73e538c779a589"

Last-Modified

Caching

Tue, 24 Mar 2026 18:56:29 GMT

cache-control: no-transform, max-age=60
etag: "262aed02ff1e1a2a1b73e538c779a589"
last-modified: Tue, 24 Mar 2026 18:56:29 GMT

Content Headers

Content-Length

Content

2187

Content-Type

Content

text/html

content-length: 2187
content-type: text/html

Server Headers

Server

daiquiri/5

server: daiquiri/5

CORS Headers

No CORS headers found

Cookies Headers

No cookies headers found

Other Headers

Alt-Svc

Other

h3=":443"; ma=93600

Apple-Originating-System

Other

UnknownOriginatingSystem

Apple-Seq

Other

0.0

Apple-Tk

Other

false

Cdnuuid

Other

20e24a3f-d76d-4760-8ab3-055c0da11ee0-1552067023

Date

Other

Mon, 30 Mar 2026 23:29:40 GMT

X-Apple-Jingle-Correlation-Key

Other

SUZOXV472JKQGB5KP63WWPLQOQ

X-Apple-Request-Uuid

Other

9532ebd7-9fd2-5503-07aa-7fb76b3d7074

X-Apple-Version-Number

Other

2612.1.0

X-Daiquiri-Debug-Worker-Pid

Other

15114, 30127, 1111

X-Daiquiri-Instance

Other

daiquiri:45887001:st44p00it-hyhk15124201:7987:26RELEASE56:daiquiri-amp-all-shared-int-001-st, daiquiri:48493002:st44p00it-hyhk16134201:7987:26RELEASE56:daiquiri-amp-all-shared-ext-001-st, daiquiri:42282001:st53p00it-qujn15040102:7987:26RELEASE56:daiquiri-amp-store-l7shared-ext-001-st

X-Responding-Instance

Other

silverbullet-external:2108:st00p00it-vmsilverbullet008:8300:26C11

alt-svc: h3=":443"; ma=93600
apple-originating-system: UnknownOriginatingSystem
apple-seq: 0.0
apple-tk: false
cdnuuid: 20e24a3f-d76d-4760-8ab3-055c0da11ee0-1552067023
date: Mon, 30 Mar 2026 23:29:40 GMT
x-apple-jingle-correlation-key: SUZOXV472JKQGB5KP63WWPLQOQ
x-apple-request-uuid: 9532ebd7-9fd2-5503-07aa-7fb76b3d7074
x-apple-version-number: 2612.1.0
x-daiquiri-debug-worker-pid: 15114, 30127, 1111
x-daiquiri-instance: daiquiri:45887001:st44p00it-hyhk15124201:7987:26RELEASE56:daiquiri-amp-all-shared-int-001-st, daiquiri:48493002:st44p00it-hyhk16134201:7987:26RELEASE56:daiquiri-amp-all-shared-ext-001-st, daiquiri:42282001:st53p00it-qujn15040102:7987:26RELEASE56:daiquiri-amp-store-l7shared-ext-001-st
x-responding-instance: silverbullet-external:2108:st00p00it-vmsilverbullet008:8300:26C11

Recommendations

Enable compression (gzip/brotli) to improve performance