HTTP Headers Analysis for https://made.com

Detected Technologies from Headers

See all in URL Inspect 2

ASP.NET

Akamai

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Weak

frame-ancestors Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Significantly strengthen CSP directives
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close, Transfer-Encoding

Transfer-Encoding

Performance

chunked

Vary

Performance

User-Agent

connection: close, Transfer-Encoding
transfer-encoding: chunked
vary: User-Agent

Caching Headers

Cache-Control

Caching

max-age=0, no-cache, no-store

Etag

Caching

"CD3B3F4A9A034923FD9E716D0E57DADE:309B81B61A8B2983ACA5030AC0231E78"

Expires

Caching

Tue, 24 Feb 2026 07:41:05 GMT

Pragma

Caching

no-cache

cache-control: max-age=0, no-cache, no-store
etag: "CD3B3F4A9A034923FD9E716D0E57DADE:309B81B61A8B2983ACA5030AC0231E78"
expires: Tue, 24 Feb 2026 07:41:05 GMT
pragma: no-cache

Content Headers

Content-Type

Content

text/html; charset=utf-8

content-type: text/html; charset=utf-8

Server Headers

No server headers found

CORS Headers

Access-Control-Allow-Credentials

Cors

true

Access-Control-Allow-Origin

Cors

https://www.made.com

access-control-allow-credentials: true
access-control-allow-origin: https://www.made.com

Cookies Headers

Set-Cookie

Cookies

set-cookie: ASP.NET_SessionId=jtdzzokaqva0l3fwd5c1cebn; path=/; HttpOnly; SameSite=Lax
akaas_MEGANAV_2022_PD=2147483647~rv=63~id=5ff198aba656b2d92fbe98316477d2d4; path=/; Secure; SameSite=None
NextDeviceType=Desktop; expires=Tue, 24-Feb-2026 10:41:05 GMT; path=/
NSC_wtsw_uqt_vl_nbjotjuf_iuuq=ffffffff660282d445525d5f4f58455e445a4a423660;path=/;httponly
_abck=96C8F9004111E51536348C02C09E5FFA~-1~YAAQ0GncF+7+woOcAQAACjOYjg/spm0Z2fMv6BIWnmnJhQqSZY9twlsl5+ZWoZ7B0JOCS9QmRENzMKKqJWmWdRYYB5DI9ICpb9nrMYAzVfLdfBHIwYW1mGe5qY5YU9O/6mD4zVnojfW0J/Vk9Ffl6ZHg5GPYmhNns+l77SfG5Ydb7iBA2SYUalu/NDYpAl5JxrsVy78EKOYFtnDrLnCJ4Vyyu37QrxHfjGfQnktQWbmDUBqofEeeVt06teRjSdYkp9o77nzAd9MFFAJTs1W69DI4X14ziZ+GXQ8RPI3+z180Hab0KQ01HE+6RkD8SqJH7cfcIZYkHsk/8j9Ex68DP5oJtOS23U1qrPzyxivxcITOuwFexldDrEwKI2SquQfy8lfIp1ugOKoazkwvtWnhL3iq1eo/jLXtvHl1JKH7cLOfJwipbto/Bel4HIBoX5v5C8Ha~-1~-1~-1~-1~-1; Domain=.made.com; Path=/; Expires=Wed, 24 Feb 2027 07:41:05 GMT; Max-Age=31536000; Secure
bm_sz=1CBCD5EBD78264F16A684B633F1648F0~YAAQ0GncF+/+woOcAQAACjOYjh72m5ntZahVIehPiy7p80iMUzldsFNazGIJ73KOIH9zCOOcdeh39sUpr6HLkqgRdQMvFrIP1MpIAkn7VgBPU42d4Smgy29VQUGH6hTec4c1Ft52EOUVzGIiH9JxPiJXaIERvF0E+T5F4bui7hPVwzfiXwAoXbky4q1DtkPJmn3gELI2Fu93M1qZvnMuIDZ3pCoP79N+Y8Lh/EWoZu038s41bk1dC2McDOH54CB30IZ1wr1GF/PyONWprzKUGwxS0tqWY9/2zFltk+FLmgoUjIgpzIGgP1h+tax0AtzXVWErns824HiiWHoK8CoLiFvrkkjZN4zWoUctPw==~3552053~3421252; Domain=.made.com; Path=/; Expires=Tue, 24 Feb 2026 11:41:04 GMT; Max-Age=14399

Other Headers

Comparision-Value

Other

True

Date

Other

Tue, 24 Feb 2026 07:41:05 GMT

Original-Uri

Other

http://www.made.com/

X-Akamai-Transformed

Other

0 472694 0 -

X-Esi-Enabled

Other

true

X-Nextversion

Other

2026.211.500.3

X-Requesturl

Other

/

X-Ua-Compatible

Other

IE=Edge

comparision-value: True
date: Tue, 24 Feb 2026 07:41:05 GMT
original-uri: http://www.made.com/
x-akamai-transformed: 0 472694 0 -
x-esi-enabled: true
x-nextversion: 2026.211.500.3
x-requesturl: /
x-ua-compatible: IE=Edge

Recommendations

Enable compression (gzip/brotli) to improve performance