HTTP Headers Analysis for https://embed.podcasts.apple.com

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=31536000; includeSubDomains

Content-Security-Policy

Basic

upgrade-insecure-requests; default-src; connect-src; +2 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

connection: close

Caching Headers

Cache-Control

Caching

no-transform, max-age=60

Etag

Caching

"a181fb584d88698738b21347f0e95c68"

Last-Modified

Caching

Tue, 24 Mar 2026 18:57:20 GMT

cache-control: no-transform, max-age=60
etag: "a181fb584d88698738b21347f0e95c68"
last-modified: Tue, 24 Mar 2026 18:57:20 GMT

Content Headers

Content-Length

Content

2350

Content-Type

Content

text/html

content-length: 2350
content-type: text/html

Server Headers

Server

daiquiri/5

server: daiquiri/5

CORS Headers

No CORS headers found

Cookies Headers

No cookies headers found

Other Headers

Alt-Svc

Other

h3=":443"; ma=93600,h3-29=":443"; ma=93600

Apple-Originating-System

Other

UnknownOriginatingSystem

Apple-Seq

Other

0.0

Apple-Tk

Other

false

Cdnuuid

Other

0dd2cb75-5d8d-4074-a674-57f309802555-1551806036

Date

Other

Sat, 28 Mar 2026 09:53:34 GMT

X-Apple-Jingle-Correlation-Key

Other

VR6D76PXISL5ULB6QJZHO5DERU

X-Apple-Request-Uuid

Other

ac7c3ff9-f744-97da-2c3e-82727774648d

X-Apple-Version-Number

Other

2612.1.0

X-Daiquiri-Debug-Worker-Pid

Other

54339, 30105, 100295

X-Daiquiri-Instance

Other

daiquiri:45887001:st44p00it-hyhk15124201:7987:26RELEASE56:daiquiri-amp-all-shared-int-001-st, daiquiri:48493002:st44p00it-hyhk16134201:7987:26RELEASE56:daiquiri-amp-all-shared-ext-001-st, daiquiri:42282005:st53p00it-qujn14050102:7987:26RELEASE56:daiquiri-amp-store-l7shared-ext-001-st

X-Responding-Instance

Other

silverbullet-external:2105:st00p00it-vmsilverbullet005:8300:26C11

alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600
apple-originating-system: UnknownOriginatingSystem
apple-seq: 0.0
apple-tk: false
cdnuuid: 0dd2cb75-5d8d-4074-a674-57f309802555-1551806036
date: Sat, 28 Mar 2026 09:53:34 GMT
x-apple-jingle-correlation-key: VR6D76PXISL5ULB6QJZHO5DERU
x-apple-request-uuid: ac7c3ff9-f744-97da-2c3e-82727774648d
x-apple-version-number: 2612.1.0
x-daiquiri-debug-worker-pid: 54339, 30105, 100295
x-daiquiri-instance: daiquiri:45887001:st44p00it-hyhk15124201:7987:26RELEASE56:daiquiri-amp-all-shared-int-001-st, daiquiri:48493002:st44p00it-hyhk16134201:7987:26RELEASE56:daiquiri-amp-all-shared-ext-001-st, daiquiri:42282005:st53p00it-qujn14050102:7987:26RELEASE56:daiquiri-amp-store-l7shared-ext-001-st
x-responding-instance: silverbullet-external:2105:st00p00it-vmsilverbullet005:8300:26C11

Recommendations

Enable compression (gzip/brotli) to improve performance