| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| Cache-Control | public,max-age=0,must-revalidate |
| X-Nf-Request-Id | 01JR8S33K32NNX6XPVQXG36G1C |
| Date | Mon, 07 Apr 2025 18:44:34 GMT |
| Permissions-Policy | accelerometer=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), usb=() |
| Vary | Accept-Encoding |
| Age | 1736 |
| Cache-Status | "Netlify Edge"; hit |
| Content-Type | text/html; charset=UTF-8 |
| Referrer-Policy | no-referrer-when-downgrade |
| Server | Netlify |
| Strict-Transport-Security | max-age=31536000 |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | DENY |
| Accept-Ranges | bytes |
| Content-Security-Policy | default-src 'self' 'unsafe-inline' blob:; img-src data: blob: * analytics.tiktok.com; font-src 'self' data: fonts.gstatic.com fast.wistia.com maxcdn.bootstrapcdn.com; media-src 'self' blob: data: *.wistia.net embedwistia-a.akamaihd.net *.wistia.com *.zdassets.com *.cloudinary.com; style-src 'self' 'unsafe-inline' data: blob: *.visualwebsiteoptimizer.com app.vwo.com s3.amazonaws.com fonts.googleapis.com *.twitter.com *.twimg.com tagmanager.google.com *.googletagmanager.com hello.myfonts.net; frame-src 'self' bytedance: sslocal: app.vwo.com *.visualwebsiteoptimizer.com certificates.easy-lms.com ace.easy-lms.com *.doubleclick.net www.facebook.com *.wistia.com *.wistia.net widget.reviews.co.uk *.twitter.com *.addthis.com embedwistia-a.akamaihd.net www.youtube.com www.youtube-nocookie.com www.google.com widget.trustpilot.com *.googletagmanager.com widget-prime.rafflecopter.com *.appointedd.com *.onlineexambuilder.com app.netlify.com *.player.vimeo.com *.vimeo.com *.chilipiper.com; object-src 'self' embedwistia-a.akamaihd.net; connect-src 'self' data: wss: *.visualwebsiteoptimizer.com app.vwo.com analytics.tiktok.com *.clarity.ms *.litix.io *.reviews.co.uk *.wistia.com *.wistia.net *.facebook.com *.addthis.com *.freeagent.com *.fre.ag analytics.google.com *.google-analytics.com *.doubleclick.net embedwistia-a.akamaihd.net www.google.com *.adroll.com www.google.co.uk widget.trustpilot.com geoip-js.com geoip-js.maxmind.com geoip.maxmind.com *.crazyegg.com adservice.google.com *.cookielaw.org *.onetrust.com *.zdassets.com *.zendesk.com *.zopim.com bat.bing.com api.cloudinary.com cdn.linkedin.oribi.io *.analytics.google.com *.googlesyndication.com *.player.vimeo.com *.vimeo.com px.ads.linkedin.com *.sentry.io *.chilipiper.com *.chilipiper.io; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: *.visualwebsiteoptimizer.com app.vwo.com analytics.tiktok.com *.freeagent.com *.fre.ag *.googleapis.com analytics.google.com *.google-analytics.com *.doubleclick.net *.googleadservices.com *.adroll.com *.cloudfront.net *.facebook.net *.twitter.com script.crazyegg.com *.reviews.co.uk *.addthis.com *.addthisedge.com *.twimg.com www.googletagmanager.com *.tfaforms.com s3.amazonaws.com/trk.cetrk.com/ *.wistia.com *.wistia.net www.gstatic.com www.google.com *.workable.com px.ads.linkedin.com static.ads-twitter.com snap.licdn.com widget.reviews.co.uk cdn.ampproject.org www.linkedin.com pro.ip-api.com bat.bing.com widget.trustpilot.com tagmanager.google.com tinymce.cachefly.net js.maxmind.com z.moatads.com widget-prime.rafflecopter.com www.dwin1.com optanon.blob.core.windows.net code.jquery.com *.onetrust.com *.cookielaw.org cdnjs.cloudflare.com *.bizographics.com www.clarity.ms geoip-js.com *.appointedd.com s3-eu-west-1.amazonaws.com *.zdassets.com *.zopim.com *.zendesk.com netlify-cdp-loader.netlify.app *.chilipiper.com; frame-ancestors 'self' https://support.freeagent.com; report-uri https://freeagent.report-uri.com/r/d/csp/enforce; worker-src 'self' blob:; |
| Etag | "94985c26053a3431ae4602f9f7a89987-ssl-df" |
| X-Xss-Protection | 1; mode=block |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar