| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| Mime-Version | 1.0 |
| Cache-Control | max-age=0, no-cache, no-store |
| Access-Control-Allow-Origin | * |
| Access-Control-Allow-Headers | * |
| Referrer-Policy | strict-origin-when-cross-origin |
| Expect-Ct | max-age=0 |
| X-Content-Type-Options | nosniff |
| Content-Type | text/html |
| Expires | Sat, 19 Apr 2025 04:01:12 GMT |
| Pragma | no-cache |
| Date | Sat, 19 Apr 2025 04:01:12 GMT |
| Server-Timing | cdn-cache; desc=HIT |
| X-Frame-Options | DENY |
| Feature-Policy | accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none' |
| X-Xss-Protection | 1; mode=block |
| Server | AkamaiGHost |
| Content-Length | 384 |
| Access-Control-Allow-Methods | GET,HEAD |
| Content-Security-Policy | connect-src 'self' my-ducati-stg.s3.eu-west-1.amazonaws.com my-ducati-dev.s3.eu-west-1.amazonaws.com my-ducati-prd.s3.eu-west-1.amazonaws.com *.dynatrace.com api-public.ducati.com wurfl.io c.go-mpulse.net calculator.vwfs.com calculator.volkswagenbank.de s.yimg.com www.facebook.com *.facebook.com apiwheel.h-en.me *.akstat.io *.akamaihd.net performance.typekit.net *.rsc.cdn77.org dasfelynsaterr.webcam videoram.com www.bing.com *.linkedin.com *.licdn.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.analytics.google.com *.google.com *.google.it *.doubleclick.net emea-ducati.netmng.com *.facebook.net *.a8723.com u.logbor.com mm.markandmini.com ad13.adfarm1.adition.com s.yimg.jp b92.yahoo.co.jp track.adform.net aax-eu.amazon-adsystem.com cdn.cookielaw.org *.onetrust.com youtube.com cdn.hypemarks.com tags.srv.stackadapt.com secure-ds.serving-sys.com images.ctfassets.net *.serving-sys.com analytics.tiktok.com *.taboola.com *.twitter.com *.googleapis.com *.mouseflow.com teads.tv *.georide.com *.googlesyndication.com *.yahoo.co.jp *.clarity.ms ; font-src data: *.georide.com *.googlesyndication.com *.yahoo.co.jp 'self' fonts.gstatic.com github.com media.ducati.com assets.ducati.com use.typekit.net chrome-extension *.linkedin.com *.licdn.com *.google-analytics.com *.googleadservices.com *.google.com *.google.it *.doubleclick.net emea-ducati.netmng.com *.facebook.net *.a8723.com u.logbor.com mm.markandmini.com ad13.adfarm1.adition.com s.yimg.jp b92.yahoo.co.jp track.adform.net aax-eu.amazon-adsystem.com cdn.cookielaw.org *.onetrust.com youtube.com cdn.hypemarks.com tags.srv.stackadapt.com *.awsducati.com analytics.tiktok.com *.taboola.com *.twitter.com *.googleapis.com *.mouseflow.com teads.tv *.clarity.ms; script-src-elem data: *.dynatrace.com assets.ducati.com platform.twitter.com pixel.mathtag.com loadus.exelator.com *.snt.imrworldwide.com pool.adizio.com pool.admedo.com gc.kis.v2.scr.kaspersky-labs.com s.yimg.com sp.analytics.yahoo.com 'self' 'unsafe-inline' *.googleapis.com *.mouseflow.com teads.tv *.clarity.ms *.georide.com *.googlesyndication.com *.yahoo.co.jp s.go-mpulse.net s2.adform.net use.typekit.net wurfl.io *.googletagmanager.com www.gstatic.com www.volkswagenbank-cloud.de gateway.zscalertwo.net about *.linkedin.com *.licdn.com *.google-analytics.com *.googleadservices.com *.google.com *.google.it *.doubleclick.net emea-ducati.netmng.com *.facebook.net *.a8723.com u.logbor.com mm.markandmini.com ad13.adfarm1.adition.com s.yimg.jp b92.yahoo.co.jp track.adform.net aax-eu.amazon-adsystem.com cdn.cookielaw.org *.onetrust.com youtube.com cdn.hypemarks.com tags.srv.stackadapt.com *.awsducati.com secure-ds.serving-sys.com bs.serving-sys.com cdn.scaleflex.it analytics.tiktok.com *.taboola.com *.twitter.com *.googleapis.com *.mouseflow.com teads.tv *.clarity.ms; script-src *.dynatrace.com assets.ducati.com platform.twitter.com s.yimg.com use.typekit.net 'self' 'unsafe-eval' 'unsafe-inline' s.go-mpulse.net wurfl.io *.googletagmanager.com www.gstatic.com www.volkswagenbank-cloud.de *.googleapis.com *.mouseflow.com teads.tv *.clarity.ms *.georide.com *.googlesyndication.com *.yahoo.co.jp s2.adform.net sp.analytics.yahoo.com *.linkedin.com *.licdn.com *.google-analytics.com *.googleadservices.com *.google.com *.google.it *.doubleclick.net emea-ducati.netmng.com *.facebook.net *.a8723.com u.logbor.com mm.markandmini.com ad13.adfarm1.adition.com s.yimg.jp b92.yahoo.co.jp track.adform.net aax-eu.amazon-adsystem.com cdn.cookielaw.org *.onetrust.com youtube.com cdn.hypemarks.com tags.srv.stackadapt.com *.awsducati.com analytics.tiktok.com *.taboola.com *.twitter.com *.googleapis.com *.mouseflow.com teads.tv *.clarity.ms; base-uri 'self' *.linkedin.com *.licdn.com *.google-analytics.com *.googleadservices.com *.google.com *.google.it *.doubleclick.net emea-ducati.netmng.com *.facebook.net *.a8723.com u.logbor.com mm.markandmini.com ad13.adfarm1.adition.com s.yimg.jp b92.yahoo.co.jp track.adform.net aax-eu.amazon-adsystem.com cdn.cookielaw.org *.onetrust.com youtube.com cdn.hypemarks.com tags.srv.stackadapt.com analytics.tiktok.com *.taboola.com *.twitter.com *.googleapis.com *.mouseflow.com teads.tv *.clarity.ms *.georide.com *.googlesyndication.com *.yahoo.co.jp; frame-src *.georide.com *.googlesyndication.com *.yahoo.co.jp pixel.mathtag.com platform.twitter.com www.youtube.com youtu.be www.facebook.com *.googletagmanager.com remove.video *.linkedin.com *.licdn.com *.google-analytics.com *.googleadservices.com *.google.com *.google.it *.doubleclick.net emea-ducati.netmng.com *.facebook.net *.a8723.com u.logbor.com mm.markandmini.com ad13.adfarm1.adition.com s.yimg.jp b92.yahoo.co.jp track.adform.net aax-eu.amazon-adsystem.com cdn.cookielaw.org *.onetrust.com youtube.com cdn.hypemarks.com tags.srv.stackadapt.com analytics.tiktok.com *.taboola.com *.twitter.com *.googleapis.com *.mouseflow.com teads.tv *.clarity.ms; img-src 'self' about data: * *.linkedin.com *.georide.com *.googlesyndication.com *.yahoo.co.jp *.licdn.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.google.com *.google.it *.doubleclick.net emea-ducati.netmng.com *.facebook.net *.a8723.com u.logbor.com mm.markandmini.com ad13.adfarm1.adition.com s.yimg.jp b92.yahoo.co.jp track.adform.net aax-eu.amazon-adsystem.com cdn.cookielaw.org *.onetrust.com youtube.com cdn.hypemarks.com tags.srv.stackadapt.com analytics.tiktok.com *.taboola.com *.twitter.com *.googleapis.com *.mouseflow.com teads.tv *.clarity.ms; script-src-attr 'unsafe-inline' *.linkedin.com *.georide.com *.googlesyndication.com *.yahoo.co.jp *.licdn.com *.google-analytics.com *.googleadservices.com *.google.com *.google.it *.doubleclick.net emea-ducati.netmng.com *.facebook.net *.a8723.com u.logbor.com mm.markandmini.com ad13.adfarm1.adition.com s.yimg.jp b92.yahoo.co.jp track.adform.net aax-eu.amazon-adsystem.com cdn.cookielaw.org *.onetrust.com youtube.com cdn.hypemarks.com tags.srv.stackadapt.com analytics.tiktok.com *.taboola.com *.twitter.com *.googleapis.com *.mouseflow.com teads.tv *.clarity.ms; style-src-attr 'unsafe-inline' *.linkedin.com *.georide.com *.googlesyndication.com *.yahoo.co.jp *.licdn.com *.google-analytics.com *.googleadservices.com *.google.com *.google.it *.doubleclick.net emea-ducati.netmng.com *.facebook.net *.a8723.com u.logbor.com mm.markandmini.com ad13.adfarm1.adition.com s.yimg.jp b92.yahoo.co.jp track.adform.net aax-eu.amazon-adsystem.com cdn.cookielaw.org *.onetrust.com youtube.com cdn.hypemarks.com tags.srv.stackadapt.com analytics.tiktok.com *.taboola.com *.twitter.com *.googleapis.com *.mouseflow.com teads.tv *.clarity.ms; style-src-elem 'self' 'unsafe-inline' assets.ducati.com *.georide.com *.googlesyndication.com *.yahoo.co.jp fonts.googleapis.com adblockers.opera-mini.net *.linkedin.com *.licdn.com *.google-analytics.com *.googleadservices.com *.google.com *.google.it *.doubleclick.net emea-ducati.netmng.com *.facebook.net *.a8723.com u.logbor.com mm.markandmini.com ad13.adfarm1.adition.com s.yimg.jp b92.yahoo.co.jp track.adform.net aax-eu.amazon-adsystem.com cdn.cookielaw.org *.onetrust.com youtube.com cdn.hypemarks.com tags.srv.stackadapt.com *.awsducati.com analytics.tiktok.com *.taboola.com *.twitter.com *.googleapis.com *.mouseflow.com teads.tv *.clarity.ms *.georide.com *.googlesyndication.com *.yahoo.co.jp; style-src 'self' 'unsafe-eval' 'unsafe-inline' assets.ducati.com fonts.googleapis.com translate.googleapis.com *.linkedin.com *.licdn.com *.google-analytics.com *.googleadservices.com *.google.com *.google.it *.doubleclick.net emea-ducati.netmng.com *.facebook.net *.a8723.com u.logbor.com mm.markandmini.com ad13.adfarm1.adition.com s.yimg.jp b92.yahoo.co.jp track.adform.net aax-eu.amazon-adsystem.com cdn.cookielaw.org *.onetrust.com youtube.com cdn.hypemarks.com tags.srv.stackadapt.com *.awsducati.com analytics.tiktok.com *.taboola.com *.twitter.com *.googleapis.com *.mouseflow.com teads.tv *.clarity.ms *.georide.com *.googlesyndication.com *.yahoo.co.jp |
| Strict-Transport-Security | max-age=31536000; preload |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar