| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| Alt-Svc | h3=":443"; ma=86400 |
| Vary | Accept-Encoding |
| Pragma | no-cache |
| X-Azure-Ref | 20250419T145503Z-16b49dc5d6d9r7k6hC1AMSbztw000000072g00000000ae5w |
| Server | cloudflare |
| Connection | keep-alive |
| Age | 59037 |
| Expires | -1 |
| Cache-Control | no-store, no-cache, must-revalidate, max-age=0 |
| X-Xss-Protection | 1; mode=block |
| X-Cache | CONFIG_NOCACHE |
| Speculation-Rules | "/cdn-cgi/speculation" |
| Access-Control-Allow-Origin | https://us.christianlouboutin.com |
| Access-Control-Allow-Credentials | true |
| Access-Control-Allow-Headers | Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With |
| Strict-Transport-Security | max-age=31536000 |
| X-Frame-Options | SAMEORIGIN |
| Content-Security-Policy | worker-src blob:; font-src https://plugin-magento-ui.glopalservice.com *.fontawesome.com maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com *.christianlouboutin.com data: fonts.gstatic.com *.iadvize.com s3-eu-central-1.amazonaws.com www.booxi.com www.booxi.eu *.baqend.com *.google.ch *.abtasty.com abtasty.com www.paypalobjects.com data: 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.adyen.com pay.google.com payments-eu.amazon.com *.amazon.de *.christianlouboutin.com www.facebook.com idcheck.acs.touchtechpayments.com/v1/payerAuthentication https: *.salesforce.com */* *.baqend.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src secure.authorize.net test.authorize.net www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https://www.google.com/recaptcha/ www.googletagmanager.com *.adyen.com pay.google.com *.paypal.com magento-cloudflare.jetrails.com https://www.youtube.com *.google.com/ *.christianlouboutin.com *.online-metrix.net *.signifyd.com *.freecaster.com checkoutshopper-test.adyen.com checkoutshopper-live.adyen.com www.facebook.com www.youtube.com vimeo.com *.akamaihd.net https: www.booxi.com www.booxi.eu *.contentsquare.net *.abtasty.com abtasty.com *.blivenyc.com csxd.christianlouboutin.com https://*.online-metrix.net https://imgs.signifyd.com 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com blob: data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.adyen.com pay.google.com *.payments-amazon.com *.media-amazon.com *.paypalobjects.com data: https://cdn-redirector.glopal.com https://plugin-magento-ui.glopalservice.com *.ytimg.com cdn.cookielaw.org https://www.magezon.com *.christianlouboutin.com *.signifyd.com *.online-metrix.net imgs.cdn-btsg.com *.pinterest.com px.ads.linkedin.com *.facebook.com cx.atdmt.com checkoutshopper-test.adyen.com checkoutshopper-live.adyen.com stats.g.doubleclick.net bat.bing.com *.google.com *.google.fr *.google.bs *.google.at *.google.nl *.google.co.in *.google.co.uk *.google.ch *.google.es *.google.de *.google.com.ua *.google.com.mx *.google.com.kh maps.googleapis.com chart.googleapis.com *.gstatic.com lh3.googleusercontent.com *.iadvize.com s3-eu-central-1.amazonaws.com googleads.g.doubleclick.net *.akamaihd.net *.useinsider.com www.booxi.com www.booxi.eu *.teads.tv *.snapchat.com *.googletagmanager.com *.baqend.com *.contentsquare.net *.abtasty.com abtasty.com *.browser-intake-datadoghq.eu browser-intake-datadoghq.eu analytics.tiktok.com a.mktgcdn.com https://imgs.signifyd.com https://*.online-metrix.net data: 'self' 'unsafe-inline'; script-src secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com www.sandbox.paypal.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ www.googletagmanager.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com https://cdn-redirector.glopal.com https://plugin-magento-ui.glopalservice.com cdn-renderer.glopalstore.com cdn.cookielaw.org www.datadoghq-browser-agent.com *.google.com/ https://cdnjs.cloudflare.com *.christianlouboutin.com data: service.force.com *.salesforce.com static.lightning.force.com *.salesforce-sites.com imgs.cdn-btsg.com *.signifyd.com s.pinimg.com snap.licdn.com checkoutshopper-test.adyen.com checkoutshopper-live.adyen.com cdn.mxpnl.com *.iadvize.com s3-eu-central-1.amazonaws.com *.google.com *.google.fr *.google.nl *.google.ch *.googletagmanager.com polyfill.io *.google-analytics.com *.googlesyndication.com www.youtube.com www.gstatic.com bat.bing.com maps.googleapis.com *.salesforceliveagent.com *.facebook.net *.pinterest.com d.line-scdn.net analytics.tiktok.com sf16-scmcdn-va.ibytedtos.com *.vimeo.com *.akamaihd.net *.useinsider.com europe-west1-consent-lab.cloudfunctions.net www.booxi.eu www.booxi.com wurfl.io *.browser-intake-datadoghq.eu browser-intake-datadoghq.eu *.cloudflare.com *.target2sell.com *.mirakl.net *.contentsquare.net app.contentsquare.com *.teads.tv sc-static.net *.snapchat.com *.doubleclick.net *.cookielaw.org *.baqend.com *.onetrust.com cdn.jsdelivr.net *.cloudflareinsights.com *.pw.adn.cloud abtasty.com *.abtasty.com conversions.lunio.ai *.prod.mplat-ppcprotect.com *.debugbear.com stats.g.doubleclick.net ajax.cloudflare.com *.online-metrix.net *.get-potions.com christianlouboutin.dataiads.io *.salesforce-scrt.com *.site.com https://cdn-scripts.signifyd.com https://imgs.signifyd.com https://h64.online-metrix.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src https://cdn-redirector.glopal.com https://plugin-magento-ui.glopalservice.com *.fontawesome.com maxcdn.bootstrapcdn.com https://fonts.googleapis.com https://cdnjs.cloudflare.com *.christianlouboutin.com data: fonts.googleapis.com www.googletagmanager.com tagmanager.google.com *.google.ch *.iadvize.com s3-eu-central-1.amazonaws.com www.booxi.com www.booxi.eu *.baqend.com service.force.com *.salesforce-sites.com *.salesforce.com *.abtasty.com abtasty.com *.salesforce-scrt.com *.site.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src blob: *.christianlouboutin.com *.akamaized.net player.vimeo.com www.vimeo.com *.vimeocdn.com *.akamaihd.net *.useinsider.com *.baqend.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.google-analytics.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adyen.com *.google.com google.com payments-eu.amazon.com *.paypal.com https://api-plugin-facade.glopalservice.com https://cognito-idp.eu-west-1.amazonaws.com api.glopaltranslator.com cdn.cookielaw.org geolocation.onetrust.com *.run.app *.christianlouboutin.com blob: *.signifyd.com imgs.cdn-btsg.com *.useinsider.com europe-west1-consent-lab.cloudfunctions.net us-central1-data-hal-9000.cloudfunctions.net *.google-analytics.com *.google.ch *.googlesyndication.com www.googleadservices.com *.doubleclick.net bat.bing.com bat.bing.net *.cookielaw.org *.pinterest.com pinterest.com api-js.mixpanel.com *.iadvize.com *.facebook.com *.google.fr *.google.nl wss://*.iadvize.com analytics.tiktok.com maps.googleapis.com *.browser-intake-datadoghq.eu browser-intake-datadoghq.eu *.teads.tv *.target2sell.com *.mirakl.net *.snapchat.com gtm-server-prod-20100-zjnlfnzdgq-ew.a.run.app *.baqend.com *.onetrust.com *.contentsquare.net *.contentsquare.com *.salesforce-sites.com *.freecaster.com *.adn.cloud *.abtasty.com abtasty.com *.prod.mplat-ppcprotect.com *.blivenyc.com *.debugbear.com christianlouboutin.dataiads.io *.salesforce-scrt.com https://imgs.signifyd.com 'self' 'unsafe-inline'; child-src blob: http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; |
| X-Content-Type-Options | nosniff |
| Cf-Cache-Status | DYNAMIC |
| Cf-Ray | 932d3d9c0b26a419-AMS |
| Date | Sat, 19 Apr 2025 14:55:03 GMT |
| Content-Type | text/html; charset=UTF-8 |
| Access-Control-Allow-Methods | GET, OPTIONS, POST |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar