HTTP Headers Analysis for https://sp.itunes.apple.com

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=31536000; includeSubDomains

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

connection: close

Caching Headers

No caching headers found

Content Headers

Content-Length

Content

43

Content-Type

Content

application/json

content-length: 43
content-type: application/json

Server Headers

Server

daiquiri/5

server: daiquiri/5

CORS Headers

No CORS headers found

Cookies Headers

No cookies headers found

Other Headers

Apple-Originating-System

Other

MZStorePlatform

Apple-Seq

Other

0.0

Apple-Timing-App

Other

0 ms

Apple-Tk

Other

false

B3

Other

4e72116d5371430a8d8297727f2e92e9-48b2fc8ed997fb72

Date

Other

Sat, 28 Mar 2026 23:30:39 GMT

X-Apple-Application-Instance

Other

3203002

X-Apple-Application-Site

Other

MR22

X-Apple-Jingle-Correlation-Key

Other

JZZBC3KTOFBQVDMCS5ZH6LUS5E

X-Apple-Request-Uuid

Other

4e72116d-5371-430a-8d82-97727f2e92e9

X-B3-Spanid

Other

48b2fc8ed997fb72

X-B3-Traceid

Other

4e72116d5371430a8d8297727f2e92e9

X-Daiquiri-Debug-Worker-Pid

Other

1692

X-Daiquiri-Instance

Other

daiquiri:12282006:mr47p00it-qujn05121902:7987:26RELEASE56:daiquiri-amp-store-l7shared-ext-001-mr

X-Responding-Instance

Other

MZStorePlatform:3203002:::

apple-originating-system: MZStorePlatform
apple-seq: 0.0
apple-timing-app: 0 ms
apple-tk: false
b3: 4e72116d5371430a8d8297727f2e92e9-48b2fc8ed997fb72
date: Sat, 28 Mar 2026 23:30:39 GMT
x-apple-application-instance: 3203002
x-apple-application-site: MR22
x-apple-jingle-correlation-key: JZZBC3KTOFBQVDMCS5ZH6LUS5E
x-apple-request-uuid: 4e72116d-5371-430a-8d82-97727f2e92e9
x-b3-spanid: 48b2fc8ed997fb72
x-b3-traceid: 4e72116d5371430a8d8297727f2e92e9
x-daiquiri-debug-worker-pid: 1692
x-daiquiri-instance: daiquiri:12282006:mr47p00it-qujn05121902:7987:26RELEASE56:daiquiri-amp-store-l7shared-ext-001-mr
x-responding-instance: MZStorePlatform:3203002:::

Recommendations

Enable compression (gzip/brotli) to improve performance

Add Cache-Control header to optimize caching