Open
Cached
·
just now
19
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Good
max-age=31536000; includeSubDomains
Content-Security-Policy
Basic
default-src; img-src; style-src; +12 more
default-src 'self'; img-src https://*.akstat.io 'self' https://region1.analytics.google.com https://cdn.vev.design https://d2osz8slymlqdp.cloudfront.net https://public.flourish.studio https://flo.uri.sh https://pbcdn1.podbean.com https://blog.se.com https://blog.schneider-electric.com https://www.google.com https://www.google.co.jp https://www.google.ca https://www.google.ph https://px.ads.linkedin.com https://www.google.tt https://www.google.com.vn https://www.google.com.au https://www.google.es https://www.google.it https://www.google.de https://www.google.nl https://www.google.com.sg https://www.google.com.my https://www.google.co.uk https://px.ads.linkedin.com https://secure.gravatar.com https://c.az.contentsquare.net https://www.google.fr https://www.google.co.in https://*.google-analytics.com https://www.googletagmanager.com https://cdn.shortpixel.ai https://sketchfab.com https://www.se.com https://intstatcheck.wsecure.schneider-electric.com https://id.rlcdn.com https://segments.company-target.com https://www.linkedin.com https://www.facebook.com https://www.google.com https://googleads.g.doubleclick.net https://fonts.gstatic.com https://tags.tiqcdn.cn https://tags.tiqcdn.com https://tags-eu.tiqcdn.com https://api.tealiumiq.com https://*.tealiumiq.com https://cdn.cookielaw.org data:; style-src 'self' 'unsafe-inline' 'report-sample' https://selectandconfig-widget.schneider-electric.com https://uiaas.myschneider.se.com https://public.flourish.studio https://flo.uri.sh https://www.se.com https://sketchfab.com https://service.force.com https://www.googletagmanager.com https://fonts.gstatic.com https://fonts.googleapis.com https://tags.tiqcdn.cn https://tags.tiqcdn.com https://tags-eu.tiqcdn.com https://api.tealiumiq.com https://*.tealiumiq.com; script-src https://*.go-mpulse.net 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' blob: https://selectandconfig-widget.schneider-electric.com https://uiaas.myschneider.se.com https://d.la4-c2-ia7.salesforceliveagent.com https://d43xkr2jxgbkd.cloudfront.net https://cdn.vev.design https://js.vev.design https://embed.vev.page https://uiaas.myschneider.se.com https://public.flourish.studio https://flo.uri.sh https://cdn.thinglink.me https://d2osz8slymlqdp.cloudfront.net https://*.google-analytics.com https://www.gstatic.com https://www.semrush.com https://yoast.com https://t.contentsquare.net https://www.google.com https://www.opoint.no https://tag.demandbase.com https://munchkin.marketo.net https://www.googletagmanager.com https://sketchfab.com https://unpkg.com https://www.se.com https://cdn.cookielaw.org https://www.youtube.com https://www.google.com/recaptcha https://d.la5-c1-ia4.salesforceliveagent.com https://se.my.salesforce.com https://service.force.com https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://www.googleadservices.com https://tags.tiqcdn.cn https://tags.tiqcdn.com https://tags-eu.tiqcdn.com https://api.tealiumiq.com https://*.tealiumiq.com; font-src 'self' https://fonts.vev.design https://uiaas.myschneider.se.com https://public.flourish.studio https://flo.uri.sh https://www.se.com https://use.typekit.net https://sketchfab.com https://fonts.gstatic.com https://fonts.googleapis.com; media-src 'self' https://cdn.vev.design https://public.flourish.studio https://flo.uri.sh https://blog.se.com https://www.se.com https://ssl.gstatic.com https://blog.schneider-electric.de https://mcdn.podbean.com https://sketchfab.com https://eastus.customvoice.api.speech.microsoft.com https://cvoiceprodeus.blob.core.windows.net blob:; connect-src https://*.go-mpulse.net https://*.akstat.io 'self' https://analytics.se.com https://analytics.google.com https://region1.analytics.google.com https://selectandconfig-widget.schneider-electric.com https://uiaas.myschneider.se.com https://d.la4-c2-ia7.salesforceliveagent.com https://d43xkr2jxgbkd.cloudfront.net https://d2osz8slymlqdp.cloudfront.net https://cdn.builder.io https://178-gyd-668.mktoutil.com https://my.yoast.com https://*.google-analytics.com https://www.googletagmanager.com https://api.se.com https://sketchfab.com https://www.se.com https://cdn.cookielaw.org https://srm.aa.contentsquare.net https://c.az.contentsquare.net https://q-eu1.az.contentsquare.net https://k-eu1.az.contentsquare.net https://pagead2.googlesyndication.com https://www.google.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://api.company-target.com https://178-gyd-668.mktoresp.com https://www.google-analytics.com https://tag-logger.demandbase.com https://segments.company-target.com https://geolocation.onetrust.com https://privacyportal-eu.onetrust.com https://px.ads.linkedin.com https://*.tealiumiq.com; frame-src 'self' https://public.flourish.studio https://flo.uri.sh https://www.google.com https://www.googletagmanager.com https://www.facebook.com https://embed.acast.com https://www.youtube.com https://csxd.contentsquare.net https://www.podbean.com https://play.zype.com https://cdn.trustcommander.net https://www.resonaterecordings.com https://tunein.com https://www.spotify.com https://embed.podcasts.apple.com https://cdn.tagcommander.com https://sketchfab.com https://www.jobvite.com https://www.marketo.com https://www.soundcloud.com https://s.company-target.com https://service.force.com https://*.doubleclick.net; form-action 'self' https://www.facebook.com; object-src 'none'; base-uri 'none'; frame-ancestors 'self'; report-to csp-endpoint; upgrade-insecure-requests; report-uri https://blog.se.com/csp_report/
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer-when-downgrade
Permissions-Policy
Missing
Not configured
Recommendations
- • Consider adding 'preload' to HSTS for maximum security
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Consider adding Permissions-Policy to control browser features
Performance Headers
2 headers
Connection
Performance
Transfer-Encoding
Transfer-Encoding
Performance
chunked
Caching Headers
2 headers
Cache-Control
Caching
private, max-age=3600
Expires
Caching
Thu, 05 Feb 2026 01:52:44 GMT
Content Headers
1 headers
Content-Type
Content
text/html; charset=UTF-8
Server Headers
1 headers
Server
Server
Apache
CORS Headers
3 headers
Access-Control-Allow-Headers
Cors
Content-Type
Access-Control-Allow-Methods
Cors
GET,POST,OPTIONS
Access-Control-Allow-Origin
Cors
https://blog.se.com
Cookies Headers
0 headers
No cookies headers found
Other Headers
5 headers
Date
Other
Thu, 05 Feb 2026 00:52:44 GMT
Report-To
Other
{ "group": "csp-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://blog.se.com/csp_report/" } ], "include_subdomains": true }
Server-Timing
Other
ak_p; desc="1770252764315_400321422_469642442_64_16173_2_27_-";dur=1
Upgrade
Other
h2,h2c
X-Akamai-Transformed
Other
9 - 0 pmb=mRUM,3
Recommendations
Enable compression (gzip/brotli) to improve performance