HTTP Headers Analysis for https://fidelity.com

Detected Technologies from Headers

See all in URL Inspect 2

Akamai

Apache

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=31536000; includeSubDomains

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

no-referrer-when-downgrade

Permissions-Policy

Missing

Not configured

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Add Content-Security-Policy header to prevent XSS attacks
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close, Transfer-Encoding

Transfer-Encoding

Performance

chunked

connection: close, Transfer-Encoding
transfer-encoding: chunked

Caching Headers

Cache-Control

Caching

max-age=0, no-cache, no-store, max-age=0, must-revalidate, public

Expires

Caching

Thu, 30 Jan 2020 19:24:01 GMT

cache-control: max-age=0, no-cache, no-store, max-age=0, must-revalidate, public
expires: Thu, 30 Jan 2020 19:24:01 GMT

Content Headers

Content-Type

Content

text/html; charset=utf-8

content-type: text/html; charset=utf-8

Server Headers

Server

Apache

server: Apache

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: AP171348_HEADER_APP_SERVICE_COOKIE=%7B%22loggedIn%22%3Afalse%2C%22navigationId%22%3A%226415097eb93ce647d876ea28eaa0bea5%22%7D; path=/; domain=.fidelity.com; expires=Mon, 06-Apr-2026 21:54:53 GMT; secure; httponly
MC=DN9KiONj5xTgAGJ82QoRRfSoOk4SAmnT821UVuHsni24vNmyqjMGBAAAAQAGBWnT820AP03; path=/; domain=.fidelity.com; expires=Tue, 06-Apr-2027 17:54:53 GMT; secure; samesite=none
akaalb_www_AWS_ALB=1775498993~op=:~rv=70~m=~os=f1162b9d355bd32846e2d2dc4b3e9a05~id=1b93d3b18eee83abbf4707526d1163a3; path=/; Expires=Mon, 06 Apr 2026 18:09:53 GMT; Secure; SameSite=None
bm_ss=ab8e18ef4e; Secure; SameSite=None; Domain=.fidelity.com; Path=/; HttpOnly; Max-Age=3600
_abck=063CE40899BBEB59ACE1104F3A2867B6~-1~YAAQZsgwF9ktWF2dAQAAnuPuYw/9uSp3eKD2VK67WGSmcvmoH/0Mm4F+FwqVqHmrK9yjPcolo+TqDl1A2EW+cb+FM759IoIIh43AZtqaqKYNxOaMH5gAteQIB/Qn4itkTCoJCSqT/pSBJAtivuhGMcCBJ9A3hhMI9xv0xe84BzHo4P0o0FSzZqmgaeHZRWQ/gacpts8sl0BSixhyH2slD5KmOXoPy2wirYq9WzxWRdFIh+tr6df3KNvU4JojnCBqzy1okyC78bVz7smnUixoMW2nS1BKfBLFvnjKc30SaKo6DJyerbp7mAXkySobLe287YCaCRvHJNhbT5VPugMReSgOuZ8TOyyOcIp5TKKYyXaI9KZ6eFj/9lDkLiSAcSFVNUn+uMY4AtGaSvA47KMhSChE8zcEfUxHwtPQ3FOxyU1Lmv1pKIVEfD7TXl3KIgJr0Sz85JoUAw==~-1~-1~-1~-1~-1; Domain=.fidelity.com; Path=/; Expires=Tue, 06 Apr 2027 17:54:53 GMT; Max-Age=31536000; SameSite=None; Secure
bm_s=YAAQZsgwF9otWF2dAQAAnuPuYwUky3gtL//UQDNqXlBiXgP77OlKQTxsos+M+qIcaWqMCsW/o1qXc2KSmcTwj4kLymcJmnYRTq3XlSSSxkk4iUHtsxQ46iGgMxLxPqb5nJlBV+0rrFoRWvtEJczDD0PBrrWVBh7/lCCtSumFck2rJzOXtgk37TdBqsuyHQJf8Lsr+7bjLjXEWu0BWKk5pX740uflfkej69V78/jEcqa/gRBM+HbyQg5INgsbfWp7IzI2CU6+VebIIVXuhQTXeam5DtKYMsC2ZoZEv28oFp8IaPhUP4RXqaPEnPDemwiESsjb/PaZQfHIkU3IIeaUpOjZSuxxBkYlPyCJCn0cfL9M8BLy4EVPl8wUAB236XZ0s8rTvMM5sRzy/KP+hhpqNixTNNyfdvKzUSaSfYkEZ92Ji1bWvFMBg9mItg+75xorc7Jc/JQEkUP780kThbx4x/o7DDy837EaTSjV3l7WjqEuFYsU6b3KBbUwO3smLN5BCGMXLQkjotAjO6hdZsXkU5Z6jYQBiqqoTmB/m4I21jMmo+b8TG9yyAJ43srMfCAVqveqeQ==; Domain=.fidelity.com; Path=/; Expires=Thu, 07 May 2026 17:54:53 GMT; Max-Age=2678400; SameSite=None; Secure; HttpOnly
bm_so=23AE30484EB4FD8C7F3A4D9BA28F7D6A8FF7FF3C8007280B50A76B85A503BA7C~YAAQZsgwF9stWF2dAQAAnuPuYwcKPIHJ3/JZSQvmneMjPM/ENb0Aj4mIqkHoh4Z8CGjuWiC0PIepwAr0UXKi5UAq48iKPKQDOiG3L3gtuQW3zfAP/uqaBbagOpk883P3nagVmBaL0Mp3Eru18eqMAw3hRgAbXeOPAjlXt2WamRqGi18n6SlXVLnYO6x5nllqhB27Zc0GqR8ftU59rNysEo/p0yc5tBdntfldSCCn7PJltRpOCSH4qQvTZ0O1IY0UgGGgfIxaza6h5Dz1rTe1vUrhBpGawAWXV5UzNJ8+vwPpb9v8v4h5WcdaDgmhExD195PupP+vbT0vY2f/75l2R+rQHPdN/eW7FqGZJFi1TwsQLKEAuJqbrqQ1PEPjBm9okaxNHZ7zczJYnUsJm3ISk+6YgZGGbZw5Escy3K5hYJSbMOKTXQzGcW2vAK5BtKYl+D2hFIsk6zZbkigbefAXKjx0dy2U; Domain=.fidelity.com; Path=/; Expires=Tue, 07 Apr 2026 17:54:53 GMT; Max-Age=86400; SameSite=None; Secure
bm_sz=0CD70307A8045A86551676B40FFFBC9A~YAAQZsgwF9wtWF2dAQAAnuPuYx8LexgOK+c3P78t+1bAWfjZtNC5Cn+UNoyonYbu9vRvEKkMedVi2hkMBCpJyYCC0ISyy1FOPEkt+DPnddSy7ytceJd6Foi0u7X1xPHJIJCRNS54nk7xziYEpd9JQSl9yF0z7TYIXMPWmx7JZ0fZzTdRdB9IWEKrchlsejBe07+/nmTzslwTZXH31ES8iYbRKY2v62RZF/JgNXCujp5AVyOJFkyqgt55L/6eikOIeHrJ0WyjaBXX+pVZ/vXqlTGaDuaqC1fC/IDPq8KcaoA+6KFG55lk90z+/GnKRPLcWDx2Blb/lti76Oc/Hy5O5g2zWRLx6Glr58+pf3SjM0k=~3158337~4539955; Domain=.fidelity.com; Path=/; Expires=Mon, 06 Apr 2026 21:54:53 GMT; Max-Age=14400; SameSite=None; Secure

Other Headers

Date

Other

Mon, 06 Apr 2026 17:54:53 GMT

Fscalleeid

Other

https-wwwcloud.fidelity.com-10000

Fselapsedtime

Other

356946

Fsreqid

Other

REQ69d3f36d75adca809d40b21290a2aa33

P3p

Other

CP="UNI DEM GOV FIN STA COM NAV PRE INT ONL CUR ADM DEV PSA PSD CUSi IVDi IVAi TELi CONi TAI OUR OTRi"

X-Akamai-Transformed

Other

0 - 0 -

date: Mon, 06 Apr 2026 17:54:53 GMT
fscalleeid: https-wwwcloud.fidelity.com-10000
fselapsedtime: 356946
fsreqid: REQ69d3f36d75adca809d40b21290a2aa33
p3p: CP="UNI DEM GOV FIN STA COM NAV PRE INT ONL CUR ADM DEV PSA PSD CUSi IVDi IVAi TELi CONi TAI OUR OTRi"
x-akamai-transformed: 0 - 0 -

Recommendations

Enable compression (gzip/brotli) to improve performance