| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| X-Ua-Compatible | IE=edge,chrome=1 |
| Cf-Ray | 92ce78d368e03581-AMS |
| Content-Type | text/html; charset=UTF-8 |
| Expires | Thu, 19 Nov 1981 08:52:00 GMT |
| Vary | User-Agent |
| X-Frame-Options | SAMEORIGIN |
| X-Xss-Protection | 1; mode=block |
| Date | Tue, 08 Apr 2025 02:53:01 GMT |
| Connection | keep-alive |
| Pragma | no-cache |
| Cf-Cache-Status | DYNAMIC |
| Server | cloudflare |
| Set-Cookie | UKNGS=78a7480e878020b1ae78a916307aa101; path=/; SameSite=None; domain=.ebuyer.com; secure; HttpOnly |
| Strict-Transport-Security | max-age=604800; includeSubDomains |
| Cache-Control | no-store, no-cache, must-revalidate |
| Content-Security-Policy | default-src 'self' *.ebuyer.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net *.cnetcontent.com *.cnetcontentsolutions.com www.dwin1.com e2d2.easy2.com *.google.com *.google-analytics.com *.googleadservices.com *.googlecommerce.com *.googletagmanager.com *.niceincontact.com *.reevoo.com *.feefo.com www.gstatic.com *.facebook.net *.twitter.com content.syndigo.net *.exponea.com blob: *.turn.com snap.licdn.com px.ads.linkedin.com widget.trustpilot.com w-it.m-t.io *.segmentify.com *.webgains.io cnstrc.com www.googleoptimize.com *.googleapis.com *.tiktok.com collector-11098.tvsquared.com *.klaviyo.com *.clarity.ms js.hs-scripts.com js.hs-analytics.net js.hscollectedforms.net *.hotjar.com *.redditstatic.com *.1worldsync.com *.fullstory.com *.mention-me.com smct.co smct.io *.smct.co *.smct.io *.onetrust.com *.bing.com *.ads-twitter.com *.quantserve.com *.hs-banner.com *.quantcount.com metrics.ebuyer.com media.flixcar.com media.flixfacts.com *.flix360.io *.flix360.com *.visualwebsiteoptimizer.com app.vwo.com 'self' blob: googleads.g.doubleclick.net https://secure.dekopay.com *.doubleclick.net; object-src 'self' *.reevoo.com *.feefo.com; style-src 'self' 'unsafe-inline' *.cloudfront.net *.cnetcontentsolutions.com *.cnetcontent.com *.reevoo.com *.feefo.com *.google.com fonts.googleapis.com *.segmentify.com *.1worldsync.com *.niceincontact.com *.hotjar.com media.flixcar.com media.flixfacts.com *.flix360.io *.flix360.com *.visualwebsiteoptimizer.com app.vwo.com; img-src 'self' data: *.cloudfront.net *.cnetcontent.com *.cnetcontentsolutions.com *.cnetcontentsyndication.com *.doubleclick.net img.ebyrcdn.net *.ebuyer.com *.facebook.com *.google.ie *.google.com *.google.co.uk *.google-analytics.com *.niceincontact.com al-de-platform-avatars.s3.eu-west-2.amazonaws.com www.googlecommerce.com *.gstatic.com bat.r.msn.com *.reevoo.com *.feefo.com *.twitter.com *.syndigo.net ads.yahoo.com w-it.m-t.io px.ads.linkedin.com collector-11098.tvsquared.com *.klaviyo.com *.hubspot.com *.reddit.com *.1worldsync.com smct.co smct.io *.smct.co *.smct.io *.onetrust.com *.hotjar.com bat.bing.com *.quantserve.com *.hsforms.com media.flixcar.com media.flixfacts.com *.flix360.io *.flix360.com *.visualwebsiteoptimizer.com app.vwo.com *.t.co *.prreqcroab.icu; media-src 'none'; frame-src 'self' *.cnetcontentsolutions.com *.reevoo.com *.feefo.com *.niceincontact.com www.googlecommerce.com *.google.com *.facebook.com *.twitter.com *.youtube.com *.cnetcontent.com *.trustpilot.com *.hotjar.com *.1worldsync.com *.mention-me.com https://mention-me.com smct.co smct.io *.smct.co *.smct.io d2d7do8qaecbru.cloudfront.net media.flixcar.com media.flixfacts.com *.flix360.io *.flix360.com *.visualwebsiteoptimizer.com app.vwo.com *.googletagmanager.com metrics.ebuyer.com *.googlesyndication.com *.doubleclick.net; font-src 'self' 'self' data: 'unsafe-inline' fonts.gstatic.com x.klarnacdn.net *.reevoo.com *.feefo.com *.niceincontact.com fonts.smct.co fonts.smct.io *.hotjar.com media.flixcar.com media.flixfacts.com *.flix360.io *.flix360.com; connect-src 'self' *.googlecommerce.com *.google-analytics.com *.exponea.com *.turn.com *.niceincontact.com wss: *.niceincontact.com *.segmentify.com *.webgains.io *.cnstrc.com *.googleapis.com *.klaviyo.com *.tiktok.com *.clarity.ms *.hubspot.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.fullstory.com *.mention-me.com https://mention-me.com smct.co smct.io *.smct.co *.smct.io cognito-identity.eu-west-1.amazonaws.com firehose.eu-west-1.amazonaws.com *.onetrust.com *.google.com region1.analytics.google.com server-side-tagging-eu-m4kh6mjypa-nw.a.run.app server-side-tagging-eu-preview-m4kh6mjypa-nw.a.run.app *.ads.linkedin.com *.hscollectedforms.net *.hs-banner.com *.bing.com *.ads-twitter.com *.quantserve.com googleads.g.doubleclick.net *.quantcount.com metrics.ebuyer.com api.ipify.org media.flixcar.com media.flixfacts.com *.flix360.io *.flix360.com *.visualwebsiteoptimizer.com app.vwo.com *.googleadservices.com orders.ebuyer.com; |
| User-Interaction | cursor |
| X-Content-Type-Options | nosniff |
| Correlation-Id | 4839a77d019e9d5c13f6820c4c173ec2 |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar