| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| Alt-Svc | h3=":443"; ma=86400 |
| X-Amz-Server-Side-Encryption | AES256 |
| X-Amz-Cf-Pop | LHR62-C3 |
| X-Ab-Test | no |
| X-Content-Type-Options | nosniff |
| Referrer-Policy | strict-origin-when-cross-origin |
| Nel | {"report_to":"commscloud","max_age":3600,"include_subdomains":true,"success_fraction":0.1,"failure_fraction":1} |
| Connection | keep-alive |
| Last-Modified | Fri, 04 Apr 2025 11:50:48 GMT |
| Via | 1.1 7654e8d5fbf72d40d262281571df7bae.cloudfront.net (CloudFront) |
| X-Amz-Id-2 | YasCUIAiyVb6ioMqb7fkFNYUj5fICNgaprpfGsv3f5upCEojBp09PGzrHwy/118JBzG1Q1AFMjHBVpiRBauDUObXwkc4ejtL |
| X-Amz-Version-Id | rJ4K1D4q9nOWbbOcujINPwHje.vTtWJY |
| X-Cache | Hit from cloudfront |
| X-Amz-Cf-Id | f_TBueGgx7FY2Lwh6waVhX5Gwp_uVCGGM_LRdrf_BqP9wQwDYknOHQ== |
| Age | 291 |
| Date | Sat, 05 Apr 2025 19:09:48 GMT |
| X-Xss-Protection | 1; mode=block |
| Etag | W/"65574da685ded6d82c028a84a7ad68db" |
| Server | C2 Comms Cloud (9b82c7c0) |
| X-Amz-Request-Id | BCKMEZ4XDS3RTDFK |
| Vary | Accept-Encoding |
| X-Lae-Region | eu-west-2 |
| Link | <https://api.dc.siemens.com/fluidweb>; rel=preconnect, <https://api.dc.siemens.com/fluidweb>; rel=dns-prefetch, <https://assets.new.siemens.com>; rel=preconnect, <https://assets.new.siemens.com>; rel=dns-prefetch, <https://cdn.c2comms.cloud>; rel=preconnect, <https://cdn.c2comms.cloud>; rel=dns-prefetch, <https://assets.adobedtm.com/>; rel=preconnect, <https://assets.adobedtm.com/>; rel=dns-prefetch, <https://w3.siemens.com>; rel=preconnect, <https://w3.siemens.com>; rel=dns-prefetch |
| Content-Type | text/html |
| X-Frame-Options | sameorigin |
| Report-To | {"group":"commscloud","max_age":3600,"endpoints":[{"url":"https://w3.siemens.com/report?environment=siemenscom-prod&release=9b82c7c0"}],"include_subdomains":true} |
| Cache-Control | public, max-age=600, must-revalidate |
| Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
| Content-Security-Policy | base-uri 'self' analytics.c2comms.cloud; block-all-mixed-content; child-src 'self' blob: *.brightcove.com *.brightcove.net; connect-src 'self' *.awswaf.com *.force.com *.brightcove.com *.salesforce.com *.salesforceliveagent.com siemenscrm.my.salesforce-sites.com siemensint.my.salesforce-sites.com *.tt.omtrdc.net *.eu.auth0.com *.usercentrics.eu adservice.google.nl adservice.google.com api.dc.siemens.com assets.new.siemens.com blob: cdn.cookielaw.org cdn.siemens-web.com *.c2comms.cloud cdn.siemens.com cdn.segment.com api.segment.io assets.new.siemens.com cognito-identity.eu-west-1.amazonaws.com data.cdn.siemens.com dataplane.rum.eu-west-1.amazonaws.com dc.oracleinfinity.io dev.api.dc.siemens.com edge.api.brightcove.com geolocation.onetrust.com *.brightcovecdn.com *.boltdns.net *.brightcove.net www.siemens.com *.ingest.sentry.io privacyportal-eu.onetrust.com profiles.siemens.com searchapi.new.siemens.com secure.brightcove.com siemens.demdex.net siemens.sc.omtrdc.net siemensdigitalindustries.nanorep.co sts.eu-west-1.amazonaws.com tools.adlytics.net uat.api.dc.siemens.com visitor-services.nanorep.com w3.siemens.com www.facebook.com www.google.nl www.google.com *.brapps.siemens.cloud *.brappsqa.siemens.cloud mktdplp102cdn.azureedge.net 322e30018b7e4846825041773c891f42.svc.dynamics.com e070f2c1c4514ee2b79becebacc0f9b2.svc.dynamics.com *.virtualevent.siemens.com go.cuenect.de partnerinfo.siemens.at hitech.at www.siemens.at resource.finnchat.com api-fra.livechatinc.com ue2gfcryae.execute-api.eu-central-1.amazonaws.com seaapi.siemens.cloud sleeknotestaticcontent.sleeknote.com images.sleeknote.com dvt4t9p29wi8.cloudfront.net *.hotjar.com *.hotjar.io wss://*.hotjar.com www.hqs.sbt.siemens.com www.cdn.botfriendsx.com *.smooch.io wss://*.smooch.io d1p0l0wtisukf7.cloudfront.net author.new.siemens.com cdn.linkedin.oribi.io rs.eu1.fullstory.com cert-portal.siemens.com api.demandbase.com www.yousty.ch survey.adlytics.net ghsszvtech.execute-api.us-east-1.amazonaws.com participant.connect.us-east-1.amazonaws.com wss://tufsuyburufn.transport.connect.us-east-1.amazonaws.com gbs-emobility-chat.s3.us-east-1.amazonaws.com irpages2.eqs.com ir-api.eqs.com tools.cms-eqs.com api.maze.co prompts.maze.co fairtouch.siemens.com cdn.fairtouch.siemens.com author.new.siemens.com community.siemens.com *.directline.botframework.com api.xcelerator.siemens.com api.marketplace.siemens.com public-apim.siemens.com reporting-hub.ryze-digital.de wss://*.directline.botframework.com directline.botframework.com wss://directline.botframework.com *.adyen.com *.xcelerator.siemens.com px.ads.linkedin.com www.google.com adservice.google.com googleads.g.doubleclick.net payment.siemens.com *.execute-api.eu-west-1.amazonaws.com emobilitychatapi.azurewebsites.net emobilitychatapiprod.azurewebsites.net botbuilder.siemens.cloud browser-intake-datadoghq.com browser-intake-datadoghq.eu partner-finder.btregistration.si.siemens.cloud wwwstage.siemens.com wwwdev.siemens.com vertex.siemens.studio xcelerator.siemens.com; default-src 'self' blob:; font-src 'self' cdn.siemens-web.com *.c2comms.cloud cdn.siemens.com cdn.segment.com api.segment.io assets.new.siemens.com data: tools.adlytics.net script.hotjar.com www.cdn.botfriendsx.com reporting-hub.ryze-digital.de assets-cdn.maze.co; frame-ancestors 'self' *.c2comms.cloud contentpath.siemens.com mc.contentpath.siemens.com content.sw.siemens.com resources.dc.siemens.com siemensfactoryautomation.pathfactory.com myaccount.lingotek.com vertex.siemens.studio *.cuenect.online *.siemens.com; frame-src 'self' *.force.com *.salesforce.com *.salesforceliveagent.com siemenscrm.my.salesforce-sites.com siemensint.my.salesforce-sites.com *.usercentrics.eu bid.g.doubleclick.net td.doubleclick.net cdn.siemens-web.com *.c2comms.cloud cdn.siemens.com cdn.segment.com api.segment.io assets.new.siemens.com jobs.siemens-info.com pages.siemens-info.com playout.3qsdn.com sites.siemens-info.com tpc.googlesyndication.com www.facebook.com 322e30018b7e4846825041773c891f42.svc.dynamics.com e070f2c1c4514ee2b79becebacc0f9b2.svc.dynamics.com secure-fra.livechatinc.com vars.hotjar.com *.c2comms.cloud *.siemens.com maestrobot.it-app.biz dvt4t9p29wi8.cloudfront.net *.adyen.com secure.ixopay.com players.brightcove.net vertex.siemens.studio; img-src 'self' *.boltdns.net *.siemens.com *.tt.omtrdc.net *.usercentrics.eu 825113843.privacysandbox.googleadservices.com ad.doubleclick.net adservice.google.nl adservice.google.com android-webview-video-poster: blob: brightcove04pmdo-a.akamaihd.net cdn.cookielaw.org cdn.siemens-web.com *.c2comms.cloud cdn.siemens.com cdn.segment.com api.segment.io assets.new.siemens.com data: dc.ads.linkedin.com dc.oracleinfinity.io googleads.g.doubleclick.net *.brightcove.com *.brightcove.net px.ads.linkedin.com px4.ads.linkedin.com secure.adnxs.com siemens.mindsphere.io siemens.sc.omtrdc.net stats.adlytics.net t.co tr.outbrain.com trc.taboola.com www.facebook.com www.google.nl www.google.com www.googletagmanager.com www.linkedin.com 322e30018b7e4846825041773c891f42.svc.dynamics.com e070f2c1c4514ee2b79becebacc0f9b2.svc.dynamics.com cdn.go.cuenect.net siemenscrm--c.vf.force.com siemenscrm.lightning.force.com siemenscrm.my.salesforce.com partnerinfo.siemens.at hitech.at baudoku.1000eyes.de cdn.livechatinc.com cdn.livechat-files.com analytics.sleeknote.com static.hotjar.com script.hotjar.com botbuilder.siemens.cloud *.smooch.io ib.adnxs.com maestrobot.it-app.biz www.blids.de analytics.twitter.com *.prescreen.io dvt4t9p29wi8.cloudfront.net reporting-hub.ryze-digital.de universe.send.microad.jp insight.adsrvr.org dq3yfnoirppqu.cloudfront.net *.adyen.com pixel.quantserve.com s.gravatar.com *.wp.com cdn.auth0.com cdn.files-text.com ir-api.eqs.com www.eqs.com storage.googleapis.com vertex.siemens.studio; manifest-src 'self' *.c2comms.cloud; media-src 'self' *.brightcove.com assets.new.siemens.com blob: *.brightcovecdn.com *.boltdns.net *.brightcove.net dvt4t9p29wi8.cloudfront.net dev.tts-api.c2comms.cloud vertex.siemens.studio; object-src players.brightcove.net w3.siemens.com; script-src 'report-sample' *.awswaf.com 'self' 'unsafe-eval' 'unsafe-inline' *.force.com *.salesforce.com *.salesforceliveagent.com siemenscrm.my.salesforce-sites.com siemensint.my.salesforce-sites.com *.ste.dc.siemens.com *.usercentrics.eu ajax.googleapis.com analytics.twitter.com assets.adobedtm.com cdn.cookielaw.org cdn.siemens-web.com *.c2comms.cloud cdn.siemens.com cdn.segment.com api.segment.io assets.new.siemens.com client.rum.us-east-1.amazonaws.com connect.facebook.net cookies.siemens.com d.oracleinfinity.io data.cdn.siemens.com dataplane.rum.eu-central-1.amazonaws.com geolocation.onetrust.com googleads.g.doubleclick.net img.en25.com jsd-widget.atlassian.com my.nanorep.com www.siemens.com *.brightcove.net *.brightcove.com profiles.siemens.com scripts.demandbase.com siemensdigitalindustries.nanorep.co snap.licdn.com static.ads-twitter.com tools.adlytics.net tpc.googlesyndication.com vjs.zencdn.net w3.siemens.com www.automation.siemens.com www.google.nl www.google.com www.googleadservices.com www.googletagmanager.com mktdplp102cdn.azureedge.net wwwstage.siemens.com resource.finnchat.com cdn.livechatinc.com api.livechatinc.com api-fra.livechatinc.com secure-fra.livechatinc.com sleeknotecustomerscripts.sleeknote.com sleeknotestaticcontent.sleeknote.com static.hotjar.com script.hotjar.com botbuilder.siemens.cloud www.cdn.botfriendsx.com *.smooch.io 322e30018b7e4846825041773c891f42.svc.dynamics.com www.sfs.siemens.de anteilspreise.siemens.com *.virtualevent.siemens.com *.c2comms.cloud edge.eu1.fullstory.com snippet.maze.co reporting-hub.ryze-digital.de vi.ml314.com ml314.com secure.quantserve.com rules.quantcount.com payment.siemens.com secure.ixopay.com ir-api.eqs.com www.datadoghq-browser-agent.com www.datadoghq-browser-agent.eu vertex.siemens.studio; style-src 'self' 'unsafe-inline' *.force.com *.salesforce.com *.salesforceliveagent.com siemenscrm.my.salesforce-sites.com siemensint.my.salesforce-sites.com *.usercentrics.eu cdn.siemens-web.com *.c2comms.cloud cdn.siemens.com cdn.segment.com api.segment.io assets.new.siemens.com www.siemens.com profiles.siemens.com tools.adlytics.net w3.siemens.com static.hotjar.com script.hotjar.com www.cdn.botfriendsx.com www.sfs.siemens.de anteilspreise.siemens.com reporting-hub.ryze-digital.de assets-cdn.maze.co ir-api.eqs.com botbuilder.siemens.cloud vertex.siemens.studio; upgrade-insecure-requests; worker-src 'self' 'unsafe-inline' blob:; report-uri https://w3.siemens.com/report?environment=siemenscom-prod&release=9b82c7c0; report-to commscloud |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar