| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| Connection | keep-alive |
| Vary | Accept-Encoding |
| Content-Security-Policy | connect-src 'self' *.bazaarvoice.com bat.bing.com bat.bing.net *.braintree-api.com *.braintreegateway.com notify.bugsnag.com sessions.bugsnag.com app.certcapture.com *.clarity.ms *.google.com.pr *.criteo.com *.criteo.net *.doubleclick.net web.facebook.com www.facebook.com *.google.com *.analytics.google.com google.com www.googleadservices.com *.google-analytics.com *.googleapis.com pagead2.googlesyndication.com *.googletagmanager.com *.hawksearch.com *.kampyle.com www.mczbf.com *.digital-cloud-west.medallia.com *.api.mitel.io *.optimove.net *.paypal.com *.pinterest.com *.riskified.com spay.samsung.com analytics.tiktok.com www.tiktok.com *.visualwebsiteoptimizer.com cas.zma.gs *.zmags.com; frame-ancestors 'self' *.farmandfleet.com; frame-src 'self' *.bazaarvoice.com bat.bing.com members.cj.com *.criteo.com *.criteo.net *.cybersource.com cj.dotomi.com *.doubleclick.net www.emjcd.com www.facebook.com *.farmandfleet.com *.google.com www.googletagmanager.com *.hcaptcha.com resources.digital-cloud-west.medallia.com www.milwaukeetool.com webchat.mitel.io *.paypal.com www.paypalobjects.com ct.pinterest.com player.vimeo.com dev.visualwebsiteoptimizer.com app.vwo.com www.youtube.com www.youtube-nocookie.com cas.zma.gs; object-src 'none'; script-src 'report-sample' 'self' 'unsafe-inline' *.bazaarvoice.com bat.bing.com c.bing.com appleid.cdn-apple.com applepay.cdn-apple.com *.certcapture.com *.clarity.ms *.criteo.com *.criteo.net login-ds.dotomi.com googleads.g.doubleclick.net connect.facebook.net *.farmandfleet.com accounts.google.com apis.google.com pay.google.com tagmanager.google.com www.google.com www.googleadservices.com *.google-analytics.com maps.googleapis.com translate.googleapis.com www.googlecommerce.com pagead2.googlesyndication.com *.googletagmanager.com googletagmanager.com www.gstatic.com md-scp.kampyle.com resources.digital-cloud-west.medallia.com packout.milwaukeetool.com https://cdnjs.cloudflare.com/polyfill/v3/polyfill.min.js webchat.mitel.io sdk.optimove.net *.paypal.com *.paypalobjects.com s.pinimg.com ct.pinterest.com beacon.riskified.com analytics.tiktok.com *.visualwebsiteoptimizer.com app.vwo.com cas.zma.gs; worker-src 'self' blob:; report-to csp; report-uri https://blain.report-uri.com/r/d/csp/enforce; |
| X-Amz-Cf-Pop | AMS58-P4 |
| X-Xss-Protection | 1; mode=block |
| Cache-Control | private |
| Report-To | {"group":"csp","max_age":31536000,"endpoints":[{"url":"https://blain.report-uri.com/a/d/g"}],"include_subdomains":true} |
| X-Cache | Miss from cloudfront |
| Via | 1.1 9f9de4292c90d3b00804c3fd5a50677e.cloudfront.net (CloudFront) |
| X-Frame-Options | SAMEORIGIN |
| X-Content-Type-Options | nosniff |
| Content-Type | text/html; charset=utf-8 |
| Server | Server |
| Date | Tue, 08 Apr 2025 11:05:25 GMT |
| X-Amz-Cf-Id | yRNATlRGUQOHl4RFCL6IzBVGORZ9fqyVjdVB0XInjkZqDH6-d3BHwA== |
| Strict-Transport-Security | max-age=31536000; includeSubDomains |
| Set-Cookie | Loc=s=0&z=1012&t=0&o=0; domain=www.farmandfleet.com; expires=Thu, 08-Apr-2027 11:05:25 GMT; path=/; secure; SameSite=Lax |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar