crick.ac.uk | Analytics by SecurityHeaders

HTTP Headers report for crick.ac.uk

Header Name Header Data
HTTP status code 200
X-Frame-Options SAMEORIGIN
Expires Sun, 19 Nov 1978 05:00:00 GMT
Etag W/"1744101621"
X-Xss-Protection 1; mode=block
Last-Modified Tue, 08 Apr 2025 08:40:21 GMT
Strict-Transport-Security max-age=31536000
Via 1.1 92cfe9224b3a51aff944c5d8ac7bf798.cloudfront.net (CloudFront)
Content-Type text/html; charset=UTF-8
Cache-Control max-age=21600, public
X-Drupal-Dynamic-Cache HIT
X-Amz-Cf-Pop AMS1-P3
Age 9353
X-Content-Type-Options nosniff
X-Drupal-Cache HIT
Referrer-Policy origin
Vary Cookie
X-Cache Hit from cloudfront
X-Amz-Cf-Id sgN7gFJTrBpFn_UanN-i-DNmTm8TVCHwtIeUJHruvS0IoHXjNp1bQA==
Content-Security-Policy default-src 'self' 'unsafe-inline' *.altmetric.com *.powerbi.com *.cloudfront.net *.hotjar.com *.hotjar.io 'unsafe-eval' *.crick.ac.uk *.google.com *.google.co.uk *.google-analytics.com *.gstatic.com *.googleapis.com *.vimeo.com *.vimeocdn.com *.youtube.com *.soundcloud.com *.twitter.com *.youtube.com *.twimg.com theta360.com cdn.rawgit.com raw.githubusercontent.com *.facebook.com *.infogram.com *.googletagmanager.com data:; ; script-src 'self' 'unsafe-inline' *.altmetric.com *.cloudfront.net *.hotjar.com *.hotjar.io 'unsafe-eval' theta360.com crick.us13.list-manage.com *.mailchimp.com *.theta360.com *.google.com *.google.co.uk *.google-analytics.com *.googleapis.com use.typekit.net *.vimeocdn.com *.vimeo.com vimeo.com *.twitter.com *.twimg.com *.youtube.com *.googletagmanager.com tagmanager.google.com cdnjs.cloudflare.com cdn.rawgit.com s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js *.cloudfront.net/assets/embed.js cdn.jsdelivr.net connect.facebook.net *.infogram.com unpkg.com; style-src 'self' 'unsafe-inline' use.typekit.net p.typekit.net cdnjs.cloudflare.com *.google.com *.google.co.uk *.googleapis.com *.twitter.com *.mailchimp.com cdn.jsdelivr.net *.cloudfront.net unpkg.com; font-src 'self' 'unsafe-inline' use.typekit.net fonts.googleapis.com *.gstatic.com data:; ; connect-src 'self' wss://ws.hotjar.com *.hotjar.com *.hotjar.io *.google-analytics.com *.doubleclick.net; report-uri /report-csp-violation
Date Tue, 08 Apr 2025 09:17:38 GMT
Server nginx
Content-Language en
Connection keep-alive
From-Origin same

About the tool

By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.

This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.

We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.

Watch it now at TrustRadar