| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| Set-Cookie | __cf_bm=TDS6srC3yznxS_ATWv8hc.z27YJuLTtUOBEVRkBP6gY-1744041339-1.0.1.1-c72OZZQdWTp8GlHC281ephNAaSohlSPXb63bOoYFh23SzHHogEl_60TTL1ifcMpSdWgJhclv1OhULQD.9qIR222P_jwpLxut3vDgMnzM0cE; path=/; expires=Mon, 07-Apr-25 16:25:39 GMT; domain=.crc.com; HttpOnly; Secure; SameSite=None |
| Content-Type | text/html; charset=UTF-8 |
| Content-Security-Policy | default-src 'self' bam-cell.nr-data.net bam.nr-data.net cm.everesttech.net thomsonreuterscorporategroupweb.sc.omtrdc.net *.demdex.net www.google-analytics.com www.googletagmanager.com www.adobetag.com *.facebook.net api.nasdaqomx.wallst.com www.google.com *.addthis.com *.addthisedge.com www.googleadservices.com thomsonreuterscorporategroupweb.d2.sc.omtrdc.net stats.g.doubleclick.net *.sharethis.com *.pixel.parsely.com www.recaptcha.net *.gstatic.com c212.net pixel.mathtag.com *.kscope.io *.globenewswire.com *.accesswire.com *.businesswire.com *.prnewswire.com *.c212.net *.youtube.com *.vimeo.com *.media-server.com *.akamaihd.net media.corporate-ir.net *.unisonir.com cloudinary.com *.segment.com *.notified.com *.pendo.io www.youtube.com; connect-src 'self' *.uni.wdc.west.com *.sharethis.com *.unisonir.com *.demdex.net bam-cell.nr-data.net bam.nr-data.net api.segment.io thomsonreuterscorporategroupweb.sc.omtrdc.net *.akamaihd.net *.notified.com *.pendo.io *.kscope.io *.imirwin.com www.youtube.com *.google.com; font-src 'self' fonts.googleapis.com cloud.typography.com fonts.gstatic.com uninav.notified.com stackpath.bootstrapcdn.com *.kscope.io data:; frame-src 'self' s7.addthis.com tools.eurolandir.com www.google.com *.sharethis.com api.nasdaqomx.wallst.com *.demdex.net www.recaptcha.net cloudinary.com player.cloudinary.com *.notified.com *.globenewswire.com www.youtube.com; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.recaptcha.net js-agent.newrelic.com *.jquery.com *.gstatic.com bam-cell.nr-data.net bam.nr-data.net *.akamaihd.net uninav.notified.com maxcdn.bootstrapcdn.com stackpath.bootstrapcdn.com https://assets.adobedtm.com https://code.jquery.com https://media-library.cloudinary.com https://uninav.notified.com https://unpkg.com https://upload-widget.cloudinary.com https://www.google.com https://www.recaptcha.net www.google.com; script-src-elem 'self' 'unsafe-inline' *.uni.wdc.west.com s7.addthis.com www.google.com www.googletagmanager.com www.google-analytics.com siteimproveanalytics.com cdn.parsely.com www.adobetag.com www.recaptcha.net *.gstatic.com *.sharethis.com *.akamaihd.net *.kscope.io *.unisonir.com js-agent.newrelic.com bam-cell.nr-data.net bam.nr-data.net code.jquery.com cdn.segment.com *.pendo.io *.notified.com *.imirwin.com https://assets.adobedtm.com https://code.jquery.com https://media-library.cloudinary.com https://uninav.notified.com https://unpkg.com https://upload-widget.cloudinary.com https://www.google.com https://www.recaptcha.net; style-src 'self' 'unsafe-inline' uninav.notified.com fonts.googleapis.com maxcdn.bootstrapcdn.com stackpath.bootstrapcdn.com *.gstatic.com https://fonts.googleapis.com https://uninav.notified.com https://unpkg.com; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com *.uni.wdc.west.com *.sharethis.com www.google.com ajax.googleapis.com *.kscope.io *.unisonir.com *.gstatic.com stackpath.bootstrapcdn.com maxcdn.bootstrapcdn.com *.notified.com *.pendo.io https://fonts.googleapis.com https://uninav.notified.com https://unpkg.com; form-action 'self' |
| X-Drupal-Dynamic-Cache | UNCACHEABLE (poor cacheability) |
| X-Request-Id | v-da5827f2-13c6-11f0-b744-43fbef350b93 |
| Expect-Ct | max-age=0, report-uri="/report-expect-ct-violation" |
| X-Frame-Options | SAMEORIGIN |
| Expires | Mon, 07 Apr 2025 15:55:39 GMT |
| From-Origin | same |
| Strict-Transport-Security | max-age=31536000; includeSubDomains |
| X-Content-Type-Options | nosniff |
| Content-Language | en |
| X-Age | 815 |
| Cache-Control | public, max-age=0, s-maxage=2700 |
| Server | cloudflare |
| Feature-Policy | accelerometer 'none';ambient-light-sensor 'none';autoplay 'self';camera 'none';encrypted-media 'none';fullscreen 'self';geolocation 'self';gyroscope 'none';magnetometer 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none';speaker 'self';sync-xhr 'self';usb 'none';vibrate 'none';vr 'none' |
| Cf-Cache-Status | DYNAMIC |
| Cf-Ray | 92cab5e518d514bd-AMS |
| Connection | keep-alive |
| Last-Modified | Mon, 07 Apr 2025 15:42:03 GMT |
| Referrer-Policy | no-referrer-when-downgrade |
| X-Cache-Hits | 15 |
| Date | Mon, 07 Apr 2025 15:55:39 GMT |
| X-Xss-Protection | 1; mode=block |
| Vary | Accept-Encoding |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar