| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| Content-Type | text/html; charset=UTF-8 |
| Last-Modified | Fri, 09 May 2025 18:10:37 GMT |
| X-Request-Id | v-e86185ca-2d00-11f0-813c-c7501589066a |
| X-Ah-Environment | prod |
| Cf-Cache-Status | DYNAMIC |
| X-Drupal-Dynamic-Cache | HIT |
| X-Content-Type-Options | nosniff |
| Expires | Sun, 19 Nov 1978 05:00:00 GMT |
| X-Xss-Protection | 1; mode=block |
| X-Cache | HIT |
| Server | cloudflare |
| Connection | keep-alive |
| Via | varnish |
| Alt-Svc | h3=":443"; ma=86400 |
| Cache-Control | max-age=604800, public |
| X-Frame-Options | ALLOW-FROM cp.docksal.site/ |
| Vary | Cookie,Accept-Encoding |
| Date | Sat, 10 May 2025 11:52:46 GMT |
| Content-Security-Policy | default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.fontawesome.com *.googleapis.com *.googletagmanager.com *.plyr.io unpkg.com fonts.gstatic.com youtube.com *.google-analytics.com google-analytics.com *.cloudflare.com www.youtube.com snap.licdn.com static.ads-twitter.com ads-twitter.com px.ads.linkedin.com stats.g.doubleclick.net analytics.google.com noembed.com data: *.jsdelivr.net youtu.be *.doubleclick.net *.google.com google.com canadaplace.ca portvancouver.com t.co *.t.co adservice.google.com analytics.twitter.com ads.linkedin.com; img-src data: blob: self *.acquia-sites.com *.portvancouver.com portvancouver.com *.canadaplace.ca canadaplace.ca *.canadaplace.ca *.portvancouver.com *.docksal.site *.jsdelivr.net *.tugboatqa.com i.ytimg.com *.ads.linkedin.com *.doubleclick.net *.google.ca *.t.co *.twitter.com t.co *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com self *.twitter.com twitter.com adservice.google.com google.com analytics.twitter.com *.ads.linkedin.com px.ads.linkedin.com static.ads-twitter.com ads-twitter.com *.linkedin.com ads.linkedin.com; connect-src 'self' *.adservice.google.com adservice.google.com *.linkedin.com px.ads.linkedin.com *.canadaplace.ca canadaplace.ca *.portvancouver.com portvancouver.com self *.google.com google.com *.doubleclick.net doubleclick.net analytics.google.com *.analytics.google.com *.google-analytics.com google-analytics.com ads.linkedin.com google.com static.ads-twitter.com ads-twitter.com t.co *.t.co www.google.com ads.linkedin.com; upgrade-insecure-requests |
| Strict-Transport-Security | max-age=31536000; includeSubDomains |
| X-Drupal-Cache | MISS |
| Age | 63728 |
| X-Generator | Drupal 10 (https://www.drupal.org) |
| X-Cache-Hits | 1384 |
| Cf-Ray | 93d93b75cea7a4bf-AMS |
| Content-Language | en |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar