| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| Date | Tue, 08 Apr 2025 03:35:08 GMT |
| Content-Type | text/html; charset=UTF-8 |
| Expires | Tue, 08 Apr 2025 04:35:08 GMT |
| Strict-Transport-Security | max-age=86400; |
| Content-Security-Policy | object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default |
| Content-Security-Policy-Report-Only | default-src 'self' *.roche.com *.roche.net *.gene.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.roche.com *.roche.net *.gene.com snap.licdn.com cdn.walkme.com apis.google.com tpc.googlesyndication.com api.html5media.info workdevapp.com cdn-js.net gdata.youtube.com twitter.com geolocation.onetrust.com api.flickr.com graph.facebook.com sharecdn.social9.com maps.googleapis.com use.typekit.com use.typekit.net munchkin.marketo.net img.en25.com w.likebtn.com cdn.mathjax.org sadmin.brightcove.com cdnjs.cloudflare.com releases.flowplayer.org script.crazyegg.com wi.likebtn.com pepperglobal.com analytics.twitter.com cdn.blueconic.net connect.facebook.net fullstory.com script.hotjar.com gnntch.blueconic.net rules.quantcount.com secure.quantserve.com static.hotjar.com www.youtube.com www.googletagmanager.com www.google-analytics.com google-analytics.com *.gstatic.com static.ads-twitter.com sjs.bizographics.com *.linkedin.com www.google.com w.soundcloud.com s.ytimg.com *.cloudflareaccess.com *.salesforceliveagent.com https://*.roche.com:8080 https://cdnjs.org https://service.force.com/* cdn.cookielaw.org static.cloudflareinsights.com googleads.g.doubleclick.net 7232514.collect.igodigital.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data:; connect-src * 'self'; media-src * 'self' data:; object-src 'self'; child-src 'self' *.roche.com *.roche.net *.gene.com *.facebook.net qpcr.probefinder.com *.force.com *.hotjar.com www.facebook.com www.google.com www.googletagmanager.com www.youtube.com; frame-src 'self' *.roche.com *.roche.net *.gene.com www.youtube.com sites.google.com *.googleapis.com *.cloudfront.net *.facebook.net *.arcot.com live.sagepay.com player.vimeo.com tpc.googlesyndication.com players.brightcove.net qpcr.probefinder.com *.eloqua.com *.hotjar.com *.soundcloud.com *.facebook.com *.google.com *.googletagmanager.com *.youtube-nocookie.com *.youtube.com *.mendeley.com *.force.com https://cdn.walkme.com/*; worker-src 'self' *.roche.com *.roche.net *.gene.com; frame-ancestors 'self' *.roche.com *.roche.net *.gene.com datastudio.google.com sites.google.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com *.cloudflareworkers.com; form-action 'self' *.roche.com *.roche.net *.gene.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com; base-uri 'self' *.roche.com *.roche.net *.gene.com *.secure.roche.com |
| Feature-Policy-Report-Only | geolocation 'none'; camera 'none'; fullscreen *; payment 'self' |
| Nel | {"report_to":"default","max_age":86400,"include_subdomains":true,"failure_fraction": 0.01} |
| Referrer-Policy | strict-origin-when-cross-origin |
| X-Frame-Options | SAMEORIGIN |
| Cf-Cache-Status | MISS |
| Cache-Control | no-cache, private |
| X-Xss-Protection | 1; mode=block |
| Set-Cookie | __cf_bm=baHZZ5FMonMjJmpp0.V0RMeS8GXNBiEW5kZQSQEIzmc-1744083308-1.0.1.1-SPYUvlQL0XnONe90IxWHfmSVuX6iRX0IfD299ibeiAOeZi3jW35U_NsYhlp0NtUYCLJ1nJqLaTUvpnONnDS933KNoBn2xJeDZXVAWN3Wib4; path=/; expires=Tue, 08-Apr-25 04:05:08 GMT; domain=.gene.com; HttpOnly; Secure; SameSite=None |
| Server | cloudflare |
| Connection | keep-alive |
| Vary | X-Language,Accept-Encoding |
| Expect-Staple | max-age=86400; includeSubDomains |
| Report-To | {"group":"default","max_age":86400,"endpoints":[{"url":"https://ayba8dhs.uriports.com/reports"}],"include_subdomains":true} |
| X-Content-Type-Options | nosniff |
| Cf-Ray | 92ceb6831b69fff2-AMS |
| Last-Modified | Tue, 08 Apr 2025 03:35:08 GMT |
| X-Ua-Compatible | IE=Edge,chrome=1 |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar