crest.com | Analytics by SecurityHeaders

HTTP Headers report for crest.com

Header Name Header Data
HTTP status code 200
Set-Cookie SF-CSRF-TOKEN=9ebbd173-4343-4b8a-9e25-06e7c24b28a6; Path=/; Secure; SameSite=Strict
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
Server cloudflare
Cf-Ray 92cc243c1c8c4464-AMS
Alt-Svc h3=":443"; ma=86400
Cache-Control no-store, no-cache, must-revalidate
Vary Accept-Encoding
Pragma no-cache
X-Request-Id 04e0e7094cf1ee4f2c0ec82527dd32ac
Content-Security-Policy script-src *.bigcommerce.com *.betrad.com *.ipify.org *.kaptcha.com *.jebbit.com *.lightboxcdn.com *.dynatrace.com *.azurewebsites.net cdn.jsdelivr.net cdnjs.cloudflare.com *.google-analytics.com *.googleapis.com *.facebook.com *.facebook.net *.google.com *.googlesyndication.com *.devcloudsoftware.com *.zmags.com *.jquery.com *.crazyegg.com *.adsrvr.org sc-static.net *.pinimg.com *.googleadservices.com *.braintreegateway.com *.sandbox.braintree-api.com *.stripe.com *.doubleclick.net *.googletagmanager.com *.agkn.com *.pgsitecore.com *.online-metrix.net *.amazonaws.com *.moatads.com *.paypalobjects.com *.paypal.com *.rewardstyle.com *.adsrvr.org *.adsrvr.org *.moatads.com *.attn.tv *.linkedin.com *.youtube.com *.ytimg.com *.bing.com *.gstatic.com smileadvisor.crest.com *.addthis.com *.addthisedge.com *.moatads.com *.agkn.com *.online-metrix.net *.ravenjs.com *.addrexx10.com *.bizographics.com *.cardinalcommerce.com *.bazaarvoice.com *.yotpo.com cdn.cookielaw.org *.cloudfront.net *.rpxnow.com *.iesnare.com *.polyfill.io geolocation.onetrust.com *.sharethis.com *.tapad.app *.pepperjam.com *.segment.com *.affirm.com *.minibc.com *.pricespider.com *.mapbox.com *.lytics.io *.ordergroove.com *.pepperjamnetwork.com *.tp88trk.com *.snapchat.com *.tiktok.com *.rokt.com *.ssacdn.com *.swaven.com pghub.io https://tapjoy.go2cloud.org/SL2Wm https://shareasale-analytics.com/j.js optanon.blob.core.windows.net b-code.liadm.com 'self' 'unsafe-eval' 'unsafe-inline' blob:
Cf-Cache-Status DYNAMIC
Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ISgb9L4Fz18XZYv0aBOCzAAp2k0zGfNIrRCKXON51znvr9Q4zTTH21FUwCg1q87LXe7xZ50xs4UpTEMgPss%2BTKP%2B69vVuiK76TtC8cOa1NrWWk%2FdI1LcFGqYCw%3D%3D"}],"group":"cf-nel","max_age":604800}
Date Mon, 07 Apr 2025 20:05:45 GMT
Connection keep-alive
Link <https://apps.bazaarvoice.com/deployments/crest-en_us/main_site/production/en_US/bv.js>; rel=preload; as=script
X-Frame-Options sameorigin
Nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Bc-Ray 1
Content-Type text/html; charset=UTF-8
X-Content-Type-Options nosniff
X-Permitted-Cross-Domain-Policies none
Expires Thu, 19 Nov 1981 08:52:00 GMT

About the tool

By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.

This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.

We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.

Watch it now at TrustRadar