royalhaskoningdhv.com | Analytics by SecurityHeaders

HTTP Headers report for royalhaskoningdhv.com

Header Name Header Data
HTTP status code 200
Server cloudflare
Connection keep-alive
Cache-Control private
Vary Accept-Encoding
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block
Cf-Ray 92d0a8175eb94b78-AMS
Date Tue, 08 Apr 2025 09:14:49 GMT
Speculation-Rules "/cdn-cgi/speculation"
Content-Security-Policy default-src 'self'; script-src 'report-sample' 'self' 'unsafe-eval' 'unsafe-inline' https://cdn.b0e8.com https://*.bc0a.com https://api.brightedge.com https://static.cloudflareinsights.com/beacon.min.js https://cxppemea1rdrect01sa02cdn.blob.core.windows.net/webtracking/WebTracking/WebTracking.bundle.js https://player.vimeo.com/api/player.js https://*.clickdimensions.com https://maps.googleapis.com https://cdn.cookielaw.org https://connect.facebook.net https://emea3.recruitmentplatform.com https://f.vimeocdn.com https://f.vimeocdn.com/ https://www.google.com https://googleads.g.doubleclick.net https://*.azureedge.net https://platform.linkedin.com https://player.vimeo.com/api https://px.ads.linkedin.com https://rhdhv.maphub.net https://snap.licdn.com https://sc.lfeeder.com https://script.hotjar.com https://static.doubleclick.net https://static.hotjar.com https://cdn.weglot.com https://unpkg.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.linkedin.com https://www.youtube.com https://*.mkt.dynamics.com https://*.svc.dynamics.com; style-src 'report-sample' 'self' 'unsafe-inline' https://cdn.cookielaw.org https://fonts.googleapis.com https://cdn.weglot.com https://emea3.recruitmentplatform.com https://f.vimeocdn.com https://rhdhv.maphub.net https://unpkg.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://adservice.google.com https://ixfd2-api.bc0a.com/ https://cdn.b0e8.com https://noembed.com/ https://cdn.plyr.io/3.6.1/plyr.svg https://cloudflareinsights.com/cdn-cgi/rum https://server-side-tagging-bhsiztp2dq-uc.a.run.app https://www.google-analytics.com https://maps.googleapis.com https://*.google.com https://google.com https://*.hotjar.io https://googleads.g.doubleclick.net https://cdn.cookielaw.org https://*.onetrust.com https://cdn.linkedin.oribi.io https://cdn.weglot.com https://*.hotjar.com https://emea3.recruitmentplatform.com https://p-tec-tunnel.royalhaskoningdhv.com https://pagead2.googlesyndication.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://vimeo.com wss://ws.hotjar.com https://*.azureedge.net https://*.mkt.dynamics.com https://*.svc.dynamics.com; font-src 'self' data: https://emea3.recruitmentplatform.com https://fonts.gstatic.com https://rhdhv.maphub.net https://script.hotjar.com; frame-src 'self' https://www.youtube-nocookie.com/ https://server-side-tagging-bhsiztp2dq-uc.a.run.app/ https://customervoice.microsoft.com/ https://app.meltwater.com https://*.mimecastprotect.com https://*.genially.com/ https://view.genially.com/* https://www.googletagmanager.com https://*.expo.royalhaskoningdhv.com https://login.windows.net https://login.microsoftonline.com https://*.libsyn.com https://player.vimeo.com https://rhdhv.maphub.net https://rhdhvthirdparty.z6.web.core.windows.net https://td.doubleclick.net https://youtube.com https://view.genial.ly https://www.facebook.com https://www.linkedin.com https://www.youtube.com https://*.azureedge.net https://*.mkt.dynamics.com https://*.svc.dynamics.com; img-src 'self' data: https://www.linkedin.com/* https://*.tile.openstreetmap.org https://www.googleadservices.com/ https://connect.facebook.net/* https://*.google.com https://*.google.nl https://maps.googleapis.com https://maps.gstatic.com https://cdn-eu.clickdimensions.com https://cdn.cookielaw.org https://cdn.weglot.com https://i.ytimg.com https://i.vimeocdn.com https://fonts.gstatic.com https://googleads.g.doubleclick.net https://forms.office.com https://px.ads.linkedin.com https://p-tec-tunnel.royalhaskoningdhv.com https://rhdhv.maphub.net https://tr-rc.lfeeder.com https://www.facebook.com https://www.gstatic.com https://yt3.ggpht.com https://www.googletagmanager.com https://www.google-analytics.com https://www.royalhaskoningdhv.com https://*.azureedge.net https://*.mkt.dynamics.com https://*.svc.dynamics.com; manifest-src 'self'; media-src 'self' https://67vod-adaptive.akamaized.net https://*.googleadservices.com https://*.azureedge.net https://*.dynamics.com; worker-src blob:;
Referrer-Policy same-origin
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
Content-Type text/html; charset=utf-8
Set-Cookie shell#lang=en; path=/; secure; SameSite=None
Request-Context appId=cid-v1:d65d111f-a0f5-45ef-9c0c-22e1d0da10d6
Cf-Cache-Status DYNAMIC
Permissions-Policy autoplay=(self), camera=(), encrypted-media=(), fullscreen=(self) https://www.youtube.com https://player.vimeo.com, geolocation=(self), microphone=(), midi=(self), payment=()

About the tool

By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.

This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.

We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.

Watch it now at TrustRadar