HTTP Headers Analysis for https://usw2-redd-prod.apple.com

HTTP Security Headers

Status

Strict-Transport-Security

Excellent

max-age=31536000; includeSubDomains; preload

Content-Security-Policy

Good

default-src; connect-src; font-src; +6 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Excellent

DENY

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Present

origin

Permissions-Policy

Missing

Not configured

Recommendations

• Strengthen CSP by removing 'unsafe-eval'
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

Vary

Performance

accept-encoding

connection: close
transfer-encoding: chunked
vary: accept-encoding

Caching Headers

Cache-Control

Caching

private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0

Expires

Caching

Thu, 01 Jan 1970 00:00:00 GMT

Pragma

Caching

no-cache

cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache

Content Headers

Content-Language

Content

en-US

Content-Type

Content

text/html;charset=UTF-8

content-language: en-US
content-type: text/html;charset=UTF-8

Server Headers

Server

Apple

server: Apple

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: dslang=US-EN; Max-Age=15552000; Expires=Tue, 06 Oct 2026 04:39:51 GMT; Domain=apple.com; Path=/; Secure; HttpOnly
dawsp=1A0D2BFCEEB92807DF0C9B70D3F18119D51070DE3EA2C3A5705CC4432A6069812B398FB2A43F98D0A300E6B1627990D5F325D2AEF15E0F1E6669ABF9301CCEF84F7A93982ADC9BDD0F5060AA83CCBC3E4018F742644DC61C967F0283593A6F66EA0F996F43D30328A0DBD68E3DA4D1F48E9E95132A70193D; Domain=idmsa.apple.com; Path=/; Secure; HttpOnly

Other Headers

Date

Other

Thu, 09 Apr 2026 04:39:51 GMT

Scnt

Other

AAAA-jFBMEQyQkZDRUVCOTI4MDdERjBDOUI3MEQzRjE4MTE5RDUxMDcwREUzRUEyQzNBNTcwNUNDNDQzMkE2MDY5ODEyQjM5OEZCMkE0M0Y5OEQwQTMwMEU2QjE2Mjc5OTBENUYzMjVEMkFFRjE1RTBGMUU2NjY5QUJGOTMwMUNDRUY4NEY3QTkzOTgyQURDOUJERDBGNTA2MEFBODNDQ0JDM0U0MDE4Rjc0MjY0NERDNjFDOTY3RjAyODM1OTNBNkY2NkVBMEY5OTZGNDNEMzAzMjhBMERCRDY4RTNEQTREMUY0OEU5RTk1MTMyQTcwMTkzRHwxAAABnXCX0bLKE8fdYJUMP3ZWBV4pEkOt1pesCtzUjT2p-8ShcT-f9ROpfSpauN3_AA8BiaULO0REOJCtBXNt81QsGRbIpEBskEXgr5M63PfQoh9BxfL_-w

X-Apple-I-Request-Id

Other

257f384b-33ce-11f1-bd11-47650eb0e9e4

X-Apple-Id-Session-Id

Other

1A0D2BFCEEB92807DF0C9B70D3F18119D51070DE3EA2C3A5705CC4432A6069812B398FB2A43F98D0A300E6B1627990D5F325D2AEF15E0F1E6669ABF9301CCEF84F7A93982ADC9BDD0F5060AA83CCBC3E4018F742644DC61C967F0283593A6F66EA0F996F43D30328A0DBD68E3DA4D1F48E9E95132A70193D

date: Thu, 09 Apr 2026 04:39:51 GMT
scnt: AAAA-jFBMEQyQkZDRUVCOTI4MDdERjBDOUI3MEQzRjE4MTE5RDUxMDcwREUzRUEyQzNBNTcwNUNDNDQzMkE2MDY5ODEyQjM5OEZCMkE0M0Y5OEQwQTMwMEU2QjE2Mjc5OTBENUYzMjVEMkFFRjE1RTBGMUU2NjY5QUJGOTMwMUNDRUY4NEY3QTkzOTgyQURDOUJERDBGNTA2MEFBODNDQ0JDM0U0MDE4Rjc0MjY0NERDNjFDOTY3RjAyODM1OTNBNkY2NkVBMEY5OTZGNDNEMzAzMjhBMERCRDY4RTNEQTREMUY0OEU5RTk1MTMyQTcwMTkzRHwxAAABnXCX0bLKE8fdYJUMP3ZWBV4pEkOt1pesCtzUjT2p-8ShcT-f9ROpfSpauN3_AA8BiaULO0REOJCtBXNt81QsGRbIpEBskEXgr5M63PfQoh9BxfL_-w
x-apple-i-request-id: 257f384b-33ce-11f1-bd11-47650eb0e9e4
x-apple-id-session-id: 1A0D2BFCEEB92807DF0C9B70D3F18119D51070DE3EA2C3A5705CC4432A6069812B398FB2A43F98D0A300E6B1627990D5F325D2AEF15E0F1E6669ABF9301CCEF84F7A93982ADC9BDD0F5060AA83CCBC3E4018F742644DC61C967F0283593A6F66EA0F996F43D30328A0DBD68E3DA4D1F48E9E95132A70193D

Recommendations

Enable compression (gzip/brotli) to improve performance