| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| Vary | Accept-Encoding |
| Strict-Transport-Security | max-age=15552000; includeSubDomains; preload |
| Permissions-Policy | accelerometer=(), camera=(), display-capture=(), encrypted-media=(), gyroscope=(), magnetometer=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), usb=(), web-share=(), xr-spatial-tracking=() |
| Content-Type | text/html; charset=utf-8 |
| Content-Security-Policy | default-src 'self' blob: house-fastly-signed-eu-west-1-prod.brightcovecdn.com manifest.prod.boltdns.net *.prod.boltdns.net *.cookielaw.org cdn.cookielaw.org *.analytics.google.com *.google.com *.google-analytics.com *.googletagmanager.com googleapis.com *.googleapis.com cdn.jsdelivr.net cdnjs.cloudflare.com viz.tools.investis.com otp.tools.investis.com irs.tools.investis.com players.brightcove.net edge.api.brightcove.com f1.cf.brightcove.com f1.media.brightcove.com www.google-analytics.com fonts.googleapis.com fonts.gstatic.com arg.investis.com www.youtube.com staticcontents.investisdigital.com staticcontents.investis.com stats.g.doubleclick.net vjs.zencdn.net sc.lfeeder.com *.execute-api.eu-west-1.amazonaws.com; img-src 'self' 'unsafe-inline' * data: www.w3.org manifest.prod.boltdns.net players.brightcove.net edge.api.brightcove.com f1.cf.brightcove.com f1.media.brightcove.com arg.tools.investis.com snap.licdn.com staticcontents.investisdigital.com staticcontents.investis.com; frame-src 'self' www.googletagmanager.com atkinsrealis.com http://www.atkinsrealis.com/ *.atkinsrealis.com ir.connectidfeed.com *.zscaler.net *.zscalerone.net *.zscalertwo.net *.zscalerthree.net *.zscloud.net *.flockler.com *.doubleclick.net *.doubleclick.net players.brightcove.net www.google.com viz.tools.investis.com otp.tools.investis.com irs.tools.investis.com www.youtube.com staticcontents.investisdigital.com staticcontents.investis.com bcove.video cloud.3dissue.com lavalab-montreal.netlify.app; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.zscaler.net *.zscalerone.net *.zscalertwo.net *.zscalerthree.net *.zscloud.net staticzone.idigitalcontents.com flockler.com *.investisdigital.com *.flockler.com viz.tools.investis.com otp.tools.investis.com irs.tools.investis.com players.brightcove.net edge.api.brightcove.com f1.cf.brightcove.com f1.media.brightcove.com fonts.googleapis.com fonts.gstatic.com staticcontents.investisdigital.com staticcontents.investis.com; font-src 'self' 'unsafe-inline' * data: vjs.zencdn.net fonts.googleapis.com fonts.gstatic.com; script-src 'self' atkinsrealis.cm.invdcloud-is.co.uk 'unsafe-inline' 'unsafe-eval' static.trackedweb.net static.cloudflareinsights.com *.zscaler.net *.zscalerone.net *.zscalertwo.net *.zscalerthree.net *.zscloud.net *.analytics.google.com *.google.com *.google-analytics.com preview-experiences.brightcove.net connect.facebook.net staticzone.idigitalcontents.com manifest.prod.boltdns.net blob: *.investisdigital.com *.jquery.com flockler.com *.flockler.com arg.investisdigital.net www.google.com www.gstatic.com maps.google.com maps.googleapis.com googleapis.com *.googleapis.com *.cookielaw.org cdn.cookielaw.org *.googletagmanager.com cdn.jsdelivr.net cdnjs.cloudflare.com viz.tools.investis.com otp.tools.investis.com irs.tools.investis.com players.brightcove.net edge.api.brightcove.com f1.cf.brightcove.com f1.media.brightcove.com fonts.googleapis.com fonts.gstatic.com www.google-analytics.com arg.investis.com arg.tools.investis.com snap.licdn.com www.youtube.com staticcontents.investisdigital.com staticcontents.investis.com vjs.zencdn.net secure.brightcove.com f1.cf.brightcove.com f1.media.brightcove.com sc.lfeeder.com *.execute-api.eu-west-1.amazonaws.com; connect-src 'self' *.linkedin.com region1.google-analytics.com atkinsrealis.cd.invdcloud-is.co.uk staticzone.idigitalcontents.com house-fastly-signed-eu-west-1-prod.brightcovecdn.com r1.trackedweb.net *.hs.llnwd.net *.google.com cdn.linkedin.oribi.io *.analytics.google.com *.google-analytics.com *.google.com *.investisdigital.com *.investis.com *.linkedin.oribi.io arg.tools.investis.com manifest.prod.boltdns.net maps.google.com gallery-metrics.api.brightcove.com flockler.com *.flockler.com privacyportal-de.onetrust.com *.cookielaw.org cdn.cookielaw.org www.googleadservices.com www.google-analytics.com maps.googleapis.com googleapis.com *.googleapis.com players.brightcove.net edge.api.brightcove.com f1.media.brightcove.com stats.g.doubleclick.net secure.brightcove.com f1.cf.brightcove.com *.execute-api.eu-west-1.amazonaws.com manifest.prod.boltdns.net geolocation.onetrust.com *.onetrust.com; base-uri 'self'; form-action 'self'; script-src-elem 'self' atkinsrealis.cm.invdcloud-is.co.uk 'unsafe-inline' 'unsafe-eval' static.trackedweb.net static.cloudflareinsights.com communications.atkinsrealis.com *.zscaler.net *.zscalerone.net *.zscalertwo.net *.zscalerthree.net *.zscloud.net *.analytics.google.com *.google.com *.google-analytics.com preview-experiences.brightcove.net connect.facebook.net staticzone.idigitalcontents.com manifest.prod.boltdns.net blob: *.investisdigital.com *.jquery.com flockler.com *.flockler.com arg.investisdigital.net www.google.com www.gstatic.com maps.google.com maps.googleapis.com googleapis.com *.googleapis.com *.cookielaw.org cdn.cookielaw.org *.googletagmanager.com cdn.jsdelivr.net cdnjs.cloudflare.com viz.tools.investis.com otp.tools.investis.com irs.tools.investis.com players.brightcove.net edge.api.brightcove.com f1.cf.brightcove.com f1.media.brightcove.com fonts.googleapis.com fonts.gstatic.com www.google-analytics.com arg.investis.com arg.tools.investis.com snap.licdn.com www.youtube.com staticcontents.investisdigital.com staticcontents.investis.com vjs.zencdn.net secure.brightcove.com f1.cf.brightcove.com f1.media.brightcove.com sc.lfeeder.com *.execute-api.eu-west-1.amazonaws.com; |
| Referrer-Policy | strict-origin-when-cross-origin |
| X-Frame-Options | SAMEORIGIN |
| X-Content-Type-Options | nosniff |
| Cf-Cache-Status | DYNAMIC |
| Server | cloudflare |
| Connection | keep-alive |
| Set-Cookie | AWSALB=M8Q6vmliOD+sBFN/Doej7LhnLAf7RrGI2Hx2CMqTaz07gBzJWalOEqpiIrtQHFaVk6KFqdJ17iGXejSm54tgpf+1zaTdkP30vU9NbEynl3Z4PeIqN+ZuP0x6dRIB; Expires=Tue, 15 Apr 2025 03:14:58 GMT; Path=/ |
| Cache-Control | private |
| X-Xss-Protection | 1; mode=block |
| Access-Control-Allow-Origin | * |
| Cf-Ray | 92ce98fb5bb7d5a7-AMS |
| Date | Tue, 08 Apr 2025 03:14:58 GMT |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar