HTTP Headers Analysis for https://iqvc.com

Detected Technologies from Headers

See all in URL Inspect 2

Akamai

Apache

HTTP Security Headers

Status

Strict-Transport-Security

Excellent

max-age=31536000 ; includeSubDomains ; preload

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close, Transfer-Encoding

Transfer-Encoding

Performance

chunked

connection: close, Transfer-Encoding
transfer-encoding: chunked

Caching Headers

Cache-Control

Caching

max-age=71

cache-control: max-age=71

Content Headers

Content-Type

Content

text/html

content-type: text/html

Server Headers

Server

Apache

server: Apache

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: akaalb_ALB_PROD_QVC_US=~op=LB_PROD_QVC_US_USE2_SCUS:origin_prod_dc20_qvc_com|~rv=25~m=origin_prod_dc20_qvc_com:0|~os=7d9af901dc41048f97fe77a58f69575b~id=baf1f68e2cd0c56430f80b1c6d83d484; path=/; HttpOnly; Secure; SameSite=None
_abck=168C9229445E23342C9F4B687550FA2A~-1~YAAQxwwDF8Jt2YacAQAA6l9mmQ9Xyw1HlzDETFYRf5T1eZT44h532HkFEZM7W4pC8XAO7R7Apx/g4RRrbvp5MlHn5WfkPLoVUcExffj4paPMHut9emn/93UisyqrhOIqnq2ZdR+a4pxnLtbJdPoqRXBD8tG0Ltv2UOKYz6Aa78mOTKniOqK3BJmxyjX7eOjxJJqlQ2ucSIL96i7X+QQbHk/ajLbF5AI49hf6Jezpcy8Wb6MjB9QQoclX0mfw0I4fqeICYRnILXFSb6z2Z+KJj+lIKOsCi7zJL6saYRvGniC65sJSbr9eraMolN9IxJmjaHh48fbwxA92bpOomSbFTPYnErSORGDmQf56hWaiIQcwlRKGF556DGMLB5xxsGcUmvLTeA1CX6kY7COCxwe5h9TlRAUDaPj19wqosaP0oyd02BwIzC3gMl7dFt9T8TlLYDs=~-1~-1~-1~-1~-1; Domain=.qvc.com; Path=/; Expires=Fri, 26 Feb 2027 10:02:29 GMT; Max-Age=31536000; SameSite=None; Secure
bm_sz=BA9C36CB889CD66264154E4EBF0168BE~YAAQxwwDF8Nt2YacAQAA6l9mmR50IrjFjPehiqPwsniZmxOhUjnst3mv3dnMkTV2S3/Sqv8/QV5nYjWRgzKhllm37pNbPFCewA86jrhVvNzAPntxMmsH8O3yfIYoNw9V/4zBOxDg7MavBOpFIAq9ikTbT5kXFiYOEQu8oub4qm6PJOjjR1QRUAPUXH1wuN+nnQINNsRXbFgMUi4O9525M7Bh2z/5VCC7XNgKu6qScbfPUmhiZ8WVgwGnYsRazvvG9SR6fFg4cwssFc0juRxzBzRpsvxekGshN7bzzsBLCDZLjC2N3ra6D4i9WI+XwMdAjTdmjM+UL5b6fFqnaj7t0GNJjB9yelOlsw==~3224642~3616825; Domain=.qvc.com; Path=/; Expires=Thu, 26 Feb 2026 14:02:29 GMT; Max-Age=14400; SameSite=None; Secure

Other Headers

Akamai-Grn-Qvc.com

Other

0.c70c0317.1772100149.42ab3539

Date

Other

Thu, 26 Feb 2026 10:02:29 GMT

X-Akamai-Transformed

Other

l 379221 0 -

X-Processor

Other

apprpaz0062

akamai-grn-qvc.com: 0.c70c0317.1772100149.42ab3539
date: Thu, 26 Feb 2026 10:02:29 GMT
x-akamai-transformed: l 379221 0 -
x-processor: apprpaz0062

Recommendations

Enable compression (gzip/brotli) to improve performance