| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| Age | 5297 |
| Cache-Status | "Netlify Edge"; hit; fwd=stale |
| Set-Cookie | x-forwarded-for=89.46.131.159%2C%2099.80.137.157; Path=/;Secure |
| X-Frame-Options | SAMEORIGIN |
| X-Mp-Xae2 | 3926 |
| X-Content-Type-Options | nosniff |
| Content-Type | text/html; charset=utf-8 |
| Server | AppTrana |
| Etag | W/"12a8r5arebf463q" |
| Report-To | {"group":"csp-endpoint","max_age":10886400,"endpoints":[{"url":"/csp/report"}],"include_subdomains":true} |
| Date | Fri, 18 Apr 2025 18:58:16 GMT |
| Connection | keep-alive |
| Cache-Control | public,max-age=0,must-revalidate |
| Content-Security-Policy | frame-ancestors 'self' https://victorinox.frontastic.io ; default-src 'self' ; media-src 'self' data: *.victorinox.com *.swissarmy.com *.wenger.ch static.zdassets.com ; frame-src 'self' https: mailto: tel: ; worker-src 'self' blob: ; child-src 'self' blob: *.victorinox.com *.swissarmy.com *.wenger.ch *.tangiblee.com *.photorank.me *.pinterest.com https://web.facebook.com https://fbsbx.com https://*.google.com https://www.youtube.com https://www.facebook.com https://www.paypal.com https://www.paypalobjects.com https://www.sandbox.paypal.com https://emersya.com/ https://www.pinterest.com https://www.pinterest.co.uk https://www.pinterest.ch https://www.pinterest.de https://www.pinterest.fr https://www.pinterest.it https://www.pinterest.at https://www.pinterest.se https://www.pinterest.ru https://www.pinterest.ie https://secure.img-cdn.mediaplex.com *.fls.doubleclick.net *.doubleclick.net vars.hotjar.com victorinox-fr-affiliate-programme.sjv.io player.vimeo.com assets.bounceexchange.com ; img-src 'self' data: https: https://api.qrserver.com *.abtasty.com *.amazonaws.com https://cdn.optimizely.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: *.victorinox.com *.swissarmy.com *.wenger.ch *.paypalobjects.com *.cloudfront.net *.cdn4.forter.com *.baidu.com *.onetrust.com *.getback.ch *.taboola.com *.yahoo.co.jp *.bazaarvoice.com *.cdn77.org *.zoovu.com *.tangiblee.com *.contentsquare.com *.zopim.com *.bdimg.com maps.google.com load.sumome.com load.sumo.com https://*.googletagmanager.com https://*.google-analytics.com www.googleadservices.com www.sc.pages03.net static.hotjar.com tag.wknd.ai assets.bounceexchange.com api.bounceexchange.com dev.bounceexchange.com tag.bounceexchange.com dash-staging.bounceexchange.com bat.bing.com snap.licdn.com t.contentsquare.net contentsquare.com static.ads-twitter.com analytics.tiktok.com analytics.twitter.com platform.twitter.com script.hotjar.com googleads.g.doubleclick.net s.yimg.jp px.adhigh.net assets.zendesk.com intljs.rmtag.com static.zdassets.com ut.rd.linksynergy.com br-victorinox.netmng.com tags.srv.stackadapt.com d.impactradius-event.com s.pinimg.com cdn.tangiblee.com cscoreproweustor.blob.core.windows.net js.monitor.azure.com api.channelsight.com cdn.channelsight.com *.klaviyo.com emersya.com cdn.emersya.com cdn.brcdn.com f.monetate.net se.monetate.net cdn.cookielaw.org cdn.jsdelivr.net cdnjs.cloudflare.com maps.googleapis.com photorankstatics-a.akamaihd.net https://*.google.com www.paypal.com www.gstatic.com www.gstatic.cn www.dwin1.com connect.facebook.net openpay.s3.amazonaws.com swissarmy.cardconnect.com:* vx.local:* *.clarity.ms *.openpay.mx *.googlesyndication.com https://www.recaptcha.net https://services.postcodeanywhere.co.uk *.sprinklr.com https://rum-static.pingdom.net https://rum-collector-2.pingdom.net *.teads.tv www.googleoptimize.com https://eubroken.mysingleromance.com https://dem.mysingleromance.com *.rakuten.com *.linksynergy.com *.xg4ken.com *.nxtck.com *.leadsrx.com *.dash-staging.bounceexchange.com *.dash.bounceexchange.com https://checkoutshopper-test.adyen.com https://live.adyen.com https://checkoutshopper-live.adyen.com https://checkoutshopper-live-us.adyen.com https://contest.victorinox.com https://view.juneapp.com https://unpkg.com *.google-analytics.com *.netlify.app https://emea02-nonprod.cluster.observability.cloud.sap:9999 *.youtube.com https://emea01.cluster.observability.cloud.sap:9999 https://victorinox-swiss-army.locally.com *.abtasty.com *.googleapis.com https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com https://*.affirm.com https://develop--b2cstore-victorinox.netlify.app https://*.friendlycaptcha.com https://mpsnare.iesnare.com https://victorinox--uat.sandbox.my.site.com https://victorinox--uat.sandbox.lightning.force.com/ https://victorinox--uat.sandbox.my.salesforce-scrt.com https://victorinox.my.site.com https://victorinox.my.salesforce-scrt.com https://io.fusedeck.net; font-src 'self' data: *.victorinox.com *.swissarmy.com *.wenger.ch *.hotjar.com *.cdn77.org *.cloudfront.net *.tangiblee.com olapic-data.s3.amazonaws.com photorankstatics-a.akamaihd.net fonts.gstatic.com emersya.com cdn.emersya.com fast.fonts.net cdnjs.cloudflare.com cdn.megabonus.com static3.avast.com cdn.honey.io netdna.bootstrapcdn.com assets.bounceexchange.com *.sprinklr.com *.channelsight.com *.abtasty.com *.gstatic.com *.googleapis.com; form-action 'self' https: ; connect-src 'self' ws: wss: *.victorinox.com *.swissarmy.com *.wenger.ch *.forter.com *.klaviyo.com *.amazonaws.com *.onetrust.com *.paypal.com *.paypalobjects.com *.openpay.mx *.taboola.com *.victorinox.com *.tangiblee.com *.contentsquare.net *.bazaarvoice.com *.getback.ch *.hotjar.com *.zoovu.com *.facebook.com https://*.google.com *.instagram.com sumo.com api.openweathermap.org https://*.googletagmanager.com https://*.google-analytics.com https://*.analytics.google.com emersya.com cdn.emersya.com ws.emersya.com cdn.cookielaw.org d2o5idwacg3gyw.cloudfront.net photorankstatics-a.akamaihd.net photorankapi-a.akamaihd.net https://*.g.doubleclick.net analytics.tiktok.com ekr.zdassets.com swissarmy.zendesk.com widget-mediator.zopim.com bat.bing.com px.adhigh.net hm.baidu.com tags.srv.stackadapt.com ct.pinterest.com api.channelsight.com dc.services.visualstudio.com vc.hotjar.io victorinox-fr-affiliate-programme.sjv.io events.bouncex.net coupons.bounceexchange.com *.cdnwidget.com *.cdnbasket.net maps.googleapis.com *.clarity.ms https://services.postcodeanywhere.co.uk https://api.addressy.com *.sprinklr.com https://rum-static.pingdom.net https://rum-collector-2.pingdom.net *.teads.tv https://dem.mysingleromance.com cdn.linkedin.oribi.io https://*.csftr.com *.googlesyndication.com *.rakuten.com *.linksynergy.com *.xg4ken.com *.nxtck.com *.leadsrx.com https://checkoutshopper-test.adyen.com https://checkoutshopper-live.adyen.com https://checkoutshopper-live-us.adyen.com https://live.adyen.com *.frontastic.rocks *.frontastic.live *.frontastic.io *.linkedin.com *.cloudflare.com *.adyen.com https://emea02-nonprod.cluster.observability.cloud.sap:9999 *.youtube.com *.youku.com https://emea01.cluster.observability.cloud.sap:9999 https://google.com/pay *.abtasty.com https://logx.optimizely.com https://*.optimizely.com https://*.affirm.com https://develop--b2cstore-victorinox.netlify.app https://*.friendlycaptcha.com https://victorinox--uat.sandbox.my.site.com https://victorinox--uat.sandbox.lightning.force.com/ https://victorinox--uat.sandbox.my.salesforce-scrt.com https://victorinox.my.site.com https://victorinox.my.salesforce-scrt.com; style-src 'self' 'unsafe-inline' *.victorinox.com *.swissarmy.com *.wenger.ch *.cdn77.org *.tangiblee.com assets-static.victorinox.com *.klaviyo.com photorankstatics-a.akamaihd.net fonts.googleapis.com emersya.com cdn.emersya.com api.map.baidu.com fast.fonts.net static.getback.ch cdnjs.cloudflare.com tags.srv.stackadapt.com cdn.channelsight.com tiger-cdn.zoovu.com translate.googleapis.com assets.bounceexchange.com https://services.postcodeanywhere.co.uk *.sprinklr.com https://checkoutshopper-test.adyen.com https://checkoutshopper-live.adyen.com https://checkoutshopper-live-us.adyen.com https://live.adyen.com *.abtasty.com *.gstatic.com *.googleapis.com https://*.ugc.bazaarvoice.com https://victorinox--uat.sandbox.my.site.com https://victorinox--uat.sandbox.lightning.force.com/ https://victorinox--uat.sandbox.my.salesforce-scrt.com https://victorinox.my.site.com https://victorinox.my.salesforce-scrt.com; report-to csp-endpoint; |
| Netlify-Vary | query=__nextDataReq,header=x-nextjs-data|x-next-debug-logging|Accept-Encoding,cookie=__prerender_bypass|__next_preview_data |
| Strict-Transport-Security | max-age=31536000 |
| Vary | Accept-Encoding |
| X-Middleware-Set-Cookie | x-forwarded-for=89.46.131.159%2C%2099.80.137.157; Path=/ |
| X-Nextjs-Date | Fri, 18 Apr 2025 17:31:59 GMT |
| X-Nf-Request-Id | 01JS5483BJ3NQ8BXP596WFMTT2 |
| X-Powered-By | Next.js |
| Apptrana-Request-Id | c25fcf53a18ce9ea345cbd4c888596f0 |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar