| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| Charset | utf-8 |
| Pragma | no-cache |
| Access-Control-Allow-Credentials | true |
| X-Datadome-Cid | AHrlqAAAAAMAX5PvT_rMwHkAWS6Dnw== |
| Cache-Control | max-age=300 |
| Content-Length | 738 |
| Accept-Ch | Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory |
| X-Dd-B | 1 |
| Access-Control-Expose-Headers | x-dd-b, x-set-cookie |
| Access-Control-Allow-Origin | http://elemis.com |
| Strict-Transport-Security | max-age=31536000 |
| Connection | keep-alive |
| X-Cache | MISS |
| Accept-Ranges | bytes |
| Date | Tue, 06 May 2025 09:37:55 GMT |
| X-Served-By | cache-ams2100084-AMS |
| X-Cache-Hits | 0 |
| X-Timer | S1746524276.838305,VS0,VE87 |
| Referrer-Policy | strict-origin-when-cross-origin |
| Content-Type | text/html;charset=utf-8 |
| X-Datadome | protected |
| Content-Security-Policy | script-src 'self' 'unsafe-eval' 'unsafe-inline' data: 'self' blob: lcx-embed.bambuser.com dp64mxip2za0c.cloudfront.net widget-mediator.zopim.com d3saea0ftg7bjt.cloudfront.net static.zdassets.com *.cloudmaestro.com cdn.usehero.com www.elemis.com js-agent.newrelic.com www.googletagmanager.com www.google.com bam.nr-data.net bat.bing.com container.pepperjam.com tag.rmp.rakuten.com connect.facebook.net *.listrakbi.com cdn.attn.tv rec.smartlook.com www.google-analytics.com *.criteo.net *.us.criteo.com *.eu.criteo.com ut.ra.linksynergy.com *.googleapis.com rec.smartlook.com *.thcdn.com rum-static.pingdom.net googleads.g.doubleclick.net bat.bing.com www.recaptcha.net www.gstatic.com www.googleadservices.com www.dwin1.com userexperience.thehut.net accdn.lpsnmedia.net pay.google.com lptag.liveperson.net na-library.playground.klarnaservices.com *.bazaarvoice.com *.signifyd.com *.akamaihd.net *.criteo.com *.socialannex.com *.iubenda.com cdn.iubenda.com intljs.rmtag.com maxcdn.bootstrapcdn.com tpc.googlesyndication.com widget-mediator.zopim.com *.rewardstyle.com *.braintreegateway.com us.elemis.com uk.elemis.com eu.elemis.com *.klarnaservices.com *.klarnacdn.net *.cardinalcommerce.com js.braintreegateway.com na-library.klarnaservices.com b-code.liadm.com *.iesnare.com *.vimeo.com vimeo.com *.shopstylecollective.com s.pinimg.com ct.pinterest.com *.googleoptimize.com cdn.systema.ai ut.rd.linksynergy.com analytics.tiktok.com i.loopme.me api.addressy.com www.paypalobjects.com sc-static.net *.ascendpartner.com c1.socialannex.com *.paypal.com *.btttag.com acdn.adnxs.com *.clarity.ms *.google.com *.btttag.com *.google-analytics.com *.adnxs.com sc-static.net sslwidget.criteo.com *.duel.me *.pinterest.com *.ordergroove.com *.duel.me *.xtento.com *.livescale.tv *.smartlook.com *.snapchat.com *.permutive.com *.makeupar.com *.contentsquare.net *.contentsquare.com *.onetrust.com *.abtasty.com *.klarna.com dx.mountain.com px.mountain.com gs.mountain.com static.myshlf.us api.shopmy.us static.shopmy.us cdn.debugbear.com *.bambuser.com d38xvr37kwwhcm.cloudfront.net/js/grin-sdk.js cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.3.11/iframeResizer.min.js cnstrc.com *.online-metrix.net c.amazon-adsystem.com static.fbot.me campaign.fbot.me tags.srv.stackadapt.com etr.uk.elemis.com etr.us.elemis.com etr.eu.elemis.com js.datadome.co api-js.datadome.co ct.captcha-delivery.com geo.captcha-delivery.com dd.elemis.com evnt.uk.elemis.com evnt.us.elemis.com api.exponea.com; |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar