| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| X-Frame-Options | SAMEORIGIN |
| Access-Control-Allow-Headers | authority, sec-ch-ua, env, user-agent, content-type, accept, securekey, source, origin, sec-fetch-site, sec-fetch-mode, sec-fetch-dest, referer, accept-language |
| Vary | Accept-Encoding |
| Access-Control-Max-Age | 1728000 |
| Date | Tue, 08 Apr 2025 11:39:01 GMT |
| X-Permitted-Cross-Domain-Policies | none |
| Referrer-Policy | origin-when-cross-origin |
| Expect-Ct | max-age=86400, enforce |
| X-Nextjs-Cache | HIT |
| Etag | "166220ltrqi4e8w" |
| Content-Security-Policy | default-src 'nonce-9699b97c08ad68173fc0a77a27000bda' 'self' *.vanheusenindia.com *.yellowmessenger.com *.trendin.com *.abfrl.net *.abfrl.in *.paytm *.louisphilippe.com *.reebok.in *.aeo.in *.forever21.in *.simoncarter.in *.peterengland.com *.allensolly.com *.trustarc.com *.gstatic.com data:; img-src * 'self' https://*.akstat.io vanhuesenindia.imgix.net blob: data:;script-src 'self' assets.abfrlcdn.com *.google.com pantaloons.imgix.net tr.snapchat.com tags.creativecdn.com asia.creativecdn.com *.artfut.com t07-vtr-plugin.tryndbuy.com t07plugin.tryndbuy.com *.yellowmessenger.com tsm.s3g6.com retag.crossdevicetracking.com static-cdn.trackier.com wd-ret.io in1.clevertap-prod.com https://*.go-mpulse.net trc.taboola.com targetinng.com rtb-global.com webtrafficsource.com i.l-dsp.inmobicdn.net cdn.taboola.com *.trustarc.com go-mpulse.net sc-static.net sdk.rsut.io router.paytm.in stage-router.paytm.in securegw-stage.paytm.in *.paytm.com *.paytm.in *.amazonaws.com *.wizrocket.com *.criteo.com *.criteo.net *.googleapis.com *.resu.io sdk.resu.io cdnjs.cloudflare.com *.adobedtm.com *.gstatic.com *.primeai1.org *.primeai.co.uk *.primeai3.in *.primeai4.in *.jquery.com *.facebook.net *.google.com *.googleapis.com *.cloudfront.net *.hotjar.com *.contentsquare.net *.google-analytics.com *.bing.com *.streamoid.com *.googleadservices.com *.abfrl.in *.abfrl.net *.trendin.com *.vanheusenindia.com *.louisphilippe.com *.peterengland.com *.allensolly.com google.com *.googletagmanager.com *.usersnap.com *.clevertap.com *.adobedtm.com *.wzrkt.com 'unsafe-eval' 'unsafe-inline' *.doubleclick.net *.crazyegg.com; connect-src 'self' *.tryndbuy.com widget.usersnap.com wd-ret.io targetinng.com asia.creativecdn.com tr.snapchat.com wss://cloud.yellow.ai *.forever21.in *.simoncarter.in *.reebok.in *.aeo.in *.yellow.ai *.paytm.in *.akamaihd.net wss://stage-router.paytm.in wss://router.paytm.in wss://securegw-stage.paytm.in wss://securegw.paytm.in *.taboola.com wss://websoc.resu.io https://abfrl.com/ *.google.com *.google.co.in *.criteo.com rtb-global.com webtrafficsource.com https://*.akstat.io https://*.go-mpulse.net cdn.taboola.com *.adobedc.net in1.wzrkt.com apis.google.com *.googletagmanager.com *.trustarc.com *.abfrl.in *.abfrl.net *.trendin.com assets.trendin.com assets.abfrlcdn.com use.typekit.net *.gstatic.com *.facebook.com pantaloons.imgix.net bat.bing.com *.hotjar.io geolocation-db.com *.hotjar.com *.googleapis.com *.primeai.co.uk *.primeai1.org *.primeai3.in *.primeai4.in https://integration.richrelevance.com/* https://integration.richrelevance.com https://recs.richrelevance.com/* https://recs.richrelevance.com *.richrelevance.com *.amazonaws.com *.wizrocket.com adityabirlafashion.sc.omtrdc.net *.google-analytics.com *.forever21.in *.simoncarter.in *.reebok.in *.aeo.in *.vanheusenindia.com *.louisphilippe.com *.peterengland.com *.allensolly.com *.doubleclick.net *.demdex.net *.adobeaemcloud.com nodeserver.sdk.streamoid.com *.elastic-cloud.com *.crazyegg.com sdk.resu.io cdnjs.cloudflare.com *.clickpost.in; style-src 'self' 'unsafe-inline' *.google.com accounts.google.com *.abfrl.in *.abfrl.net *.yellowmessenger.com *.paytm.in *.trendin.com *.primeai.co.uk *.primeai1.org *.primeai3.in *.primeai4.in *.crazyegg.com *.streamoid.com *.trustarc.com *.googleapis.com nodeserver.sdk.streamoid.com *.typekit.net; media-src 'self' 'unsafe-eval' 'unsafe-inline' *.adobeaemcloud.com *.typekit.net *.abfrl.in *.abfrl.net *.trendin.com *.elastic-cloud.com *.scene7.com *.trustarc.com assets.abfrlcdn.com; frame-src 'self' 'unsafe-eval' 'unsafe-inline' t07-vtr-plugin.tryndbuy.com t07plugin.tryndbuy.com tr.snapchat.com *.paytm.in afftracer.g2afse.com tsm.s3g6.com tracking.icubeswire.co static.criteo.net *.amazon-adsystem.com *.criteo.com *.amazonaws.com *.trustarc.com *.wizrocket.com *.facebook.com accounts.google.com *.doubleclick.net *.demdex.net *.hotjar.com *.abfrl.in *.abfrl.net *.trendin.com *.youtube.com; child-src pantaloons.imgix.net *.googleapis.com; worker-src localhost:3000 blob: *.vanheusenindia.com *.abfrl.in *.abfrl.net *.louisphilippe.com *.peterengland.com *.allensolly.com; prefetch-src *.googleapis.com *.abfrl.in assets.abfrlcdn.com imagescdn.abfrl.in connect.facebook.net cdn.yellowmessenger.com script.crazyegg.com |
| Access-Control-Allow-Origin | * |
| Access-Control-Allow-Credentials | true |
| Access-Control-Allow-Methods | PUT, HEAD, GET, POST, OPTIONS |
| Cache-Control | max-age=822, s-maxage=1800 |
| Connection | keep-alive |
| Content-Type | text/html; charset=utf-8 |
| X-Xss-Protection | 1; mode=block |
| X-Content-Type-Options | nosniff always |
| Strict-Transport-Security | includeSubDomains; preload |
| Feature-Policy | unsized-media 'none'; geolocation 'self' https://www.googletagmanager.com; camera * |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar