| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| Cf-Ray | 930a1302afddf5da-AMS |
| Pragma | no-cache |
| Expires | Mon, 15 Apr 2024 08:17:01 GMT |
| Strict-Transport-Security | max-age=31536000 |
| Date | Tue, 15 Apr 2025 08:29:16 GMT |
| Content-Type | text/html; charset=UTF-8 |
| Cf-Cache-Status | DYNAMIC |
| Set-Cookie | PHPSESSID=6efr0l3lvv8phtr6d1h5i64lro; HttpOnly; SameSite=Lax; Secure; Path=/; Domain=www.barbour.com; Max-Age=36000; Expires=Tue, 15 Apr 2025 18:29:16 GMT |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| Vary | Accept-Encoding |
| X-Served-By | ip-172-32-9-162.eu-west-2.compute.internal |
| Server | cloudflare |
| Cache-Control | max-age=0, must-revalidate, no-cache, no-store |
| Content-Security-Policy-Report-Only | font-src fonts.gstatic.com use.typekit.net *.salesforce-sites.com *.salesforce.com *.force.com *.salesforceliveagent.com https://fonts.gstatic.com yotpo-stool.s3.amazonaws.com *.cloudflare.com *.googleapis.com www.google-analytics.com *.gstatic.com *.twitter.com *.typekit.net *.twimg.com *.yotpo.com 'self' data: *.bounceexchange.com dhv2ziothpgrr.cloudfront.net 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net pilot-payflowlink.paypal.com *.salesforce-sites.com *.salesforce.com *.force.com *.salesforceliveagent.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.bounceexchange.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors *.salesforce-sites.com *.salesforce.com *.force.com *.salesforceliveagent.com *.barbour.com *.jbs-uat.com admin.barbour.com 'self'; frame-src fast.amc.demdex.net secure.authorize.net test.authorize.net www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com www.googletagmanager.com *.adyen.com *.sharethis.com *.salesforce-sites.com *.salesforce.com *.force.com *.salesforceliveagent.com www.google.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.dotdigital-pages.com *.dotdigital.com cdn.dnky.co webchat.dotdigital.com *.twitter.com *.youtube.com *.hotjar.com *.hotjar.io *.vimeo.com *.google.com *.paypal.com *.bounceexchange.com *.doubleclick.net *.pinterest.com *.facebook.com *.yotpo.com *.addthis.com *.dotmailer-surveys.com *.barbour.com *.jbs-uat.com admin.barbour.com *.weltpixel.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net widgets.magentocommerce.com 'unsafe-inline' data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com p.typekit.net s.ytimg.com *.adyen.com *.sharethis.com *.salesforce-sites.com *.salesforce.com *.force.com *.salesforceliveagent.com https://maps.gstatic.com https://maps.googleapis.com https://www.google.by *.google-analytics.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.postcodeanywhere.co.uk *.cloudflare.com *.google.com *.google.co.uk maps.gstatic.com *.googleadservices.com *.googleapis.com *.yotpo.com yotpo-stool.s3.amazonaws.com https://yotpo-editor-production.s3.amazonaws.com *.doubleclick.net *.curalate.com wf1.mywebdata.co.uk *.bounceexchange.com *.bouncex.net *.paypal.com *.ytimg.com *.facebook.com *.facebook.net *.fbcdn.net *.klarna.com *.twitter.com *.twimg.com *.lightemporium.com *.usercentrics.eu *.barbour.com *.jbs-uat.com admin.barbour.com *.pinterest.com *.unpkg.com *.qubitproducts.com *.qubit.com *.gstatic.com dhv2ziothpgrr.cloudfront.net 'self' 'unsafe-inline'; script-src assets.adobedtm.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com www.sandbox.paypal.com t.paypal.com s.ytimg.com video.google.com vimeo.com www.vimeo.com *.vimeocdn.com www.googletagmanager.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net www.youtube.com *.adyen.com *.sharethis.com *.exponea.com api.uk.exponea.com *.salesforce-sites.com *.salesforce.com *.force.com *.salesforceliveagent.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ https://maps.googleapis.com https://ct.pinterest.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com cdn.dnky.co api.comapi.com webchat.dotdigital.com *.postcodeanywhere.co.uk *.bugherd.com *.cloudflare.com *.pcapredict.com acsbapp.com *.cloudflareinsights.com analytics.tiktok.com *.google.com *.gstatic.com *.google-analytics.com *.twimg.com *.paypal.com *.googletagmanager.com *.googleapis.com *.twitter.com *.yotpo.com js-agent.newrelic.com *.nr-data.net *.doubleclick.net *.hotjar.com *.hotjar.io www.bugherd.com *.iubenda.com *.iesnare.com *.newrelic.com s.pinimg.com wf1.mywebdata.co.uk *.pingdom.net *.bounceexchange.com *.curalate.com *.goqubit.com js.facebook.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.addthis.com *.moatads.com *.addthisedge.com *.dotmailer-surveys.com *.klarnaservices.com *.barbour.com *.jbs-uat.com admin.barbour.com 'unsafe-inline' data: *.bing.com *.wknd.ai https://www.googletagmanager.com tagmanager.google.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com d18eg7dreypte5.cloudfront.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com getfirebug.com *.sharethis.com *.salesforce-sites.com *.salesforce.com *.force.com *.salesforceliveagent.com https://fonts.googleapis.com cdn.dnky.co webchat.dotdigital.com *.cloudflare.com *.google.com *.gstatic.com *.google-analytics.com *.googleapis.com 'unsafe-inline' data: *.twitter.com *.typekit.net *.yotpo.com *.twimg.com *.postcodeanywhere.co.uk *.bounceexchange.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.klarnacdn.net *.barbour.com *.jbs-uat.com admin.barbour.com *.unpkg.com *.qubitproducts.com tagmanager.google.com dhv2ziothpgrr.cloudfront.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.salesforce-sites.com *.salesforce.com *.force.com *.salesforceliveagent.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.iesnare.com *.cdnwidget.com *.barbour.com *.jbs-uat.com admin.barbour.com *.pinterest.com data: 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.sandbox.paypal.com *.adobe.io performance.typekit.net *.adyen.com *.sharethis.com *.exponea.com api.uk.exponea.com *.salesforce-sites.com *.salesforce.com *.force.com *.salesforceliveagent.com https://maps.googleapis.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com api.comapi.com webchat.dotdigital.com *.postcodeanywhere.co.uk *.acsbapp.com *.cloudflare.com *.google-analytics.com *.google.com *.googlesyndication.com *.twitter.com *.paypal.com *.twimg.com *.yotpo.com *.nr-data.net *.doubleclick.net analytics.tiktok.com *.hotjar.com *.hotjar.io wss://mpsnare.iesnare.com *.mpsnare.iesnare.com *.iubenda.com *.curalate.com *.qubit.com *.pingdom.net *.qubitproducts.com *.pinterest.com *.facebook.com *.barbour.com *.jbs-uat.com admin.barbour.com *.unpkg.com *.bouncex.net *.bounceexchange.com *.cdnwidget.com *.cdnbasket.net https://www.google-analytics.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com 'self' 'unsafe-inline'; child-src *.salesforce-sites.com *.salesforce.com *.force.com *.salesforceliveagent.com *.bounceexchange.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; |
| X-Xss-Protection | 1; mode=block |
| Connection | keep-alive |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar