| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| Content-Language | en |
| X-Drupal-Cache | MISS |
| X-Age | 14221 |
| Cache-Control | public, max-age=60 |
| Expires | Thu, 10 Apr 2025 03:58:37 GMT |
| Accept-Ranges | bytes |
| X-Content-Type-Options | nosniff |
| X-Ah-Environment | prod |
| Content-Type | text/html; charset=UTF-8 |
| Content-Security-Policy | default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.maxymiser.net:* *.cloudfront.net:* *.googletagmanager.com:* *.facebook.net:* *.tvsquared.com:* *.tito.io:* *.youtube.com:* *.outbrain.com:* *.google-analytics.com:* *.ytimg.com:* *.google.com:* *.gstatic.com:* *.newrelic.com:* *.micpn.com:* *.nr-data.net:* *.twitter.com:* *.pinterest.com:* *.craftyclicks.co.uk:* *.blackbaudhosting.com:* *.ubembed.com:* *.pinimg.com:* *.adsrvr.org:* *.ads-twitter.com:* *.bing.com:* *.civiccomputing.com:* *.hotjar.com:* *.teads.tv:* *.googleadservices.com:* *.eventbrite.co.uk:* *.cookielaw.org:* *.streamdays.com:* *.hypemarks.com:* *.blackbaud.com:* *.bbox.blackbaudhosting.com:* *.payments.blackbaud.com:* *.recaptcha.net:* *.livechatinc.com:* *.ubisend.io:* *.googleads.g.doubleclick.net:* googleads.g.doubleclick.net:* *.ads.nextdoor.com:* ads.nextdoor.com:* *.analytics.tiktok.com:* *.tiktok.com:* *.cdn.jsdelivr.net:* *.jsdelivr.net:* unpkg.com:* *.cloudflare.com:* *.c0.adalyser.com:* *.adalyser.com:* *.convertexperiments.com:* https://s.go-mpulse.net:* https://snap.licdn.com:* https://s.go-mpulse.net/boomerang/CBUYF-38H2N-T4V2M-LBL7F-EET72 https://www.googletagmanager.com:* *.googlesyndication.com:* https://pagead2.googlesyndication.com/:* *.clarity.ms:*; object-src *.cloudfront.net:* *.cloudfront.net *.maxymiser.net:* *.kiosk.bdch.org.uk:* *.googlesyndication.com:*; style-src 'self' 'unsafe-inline' *.acquia-sites.com:* *.bootstrapcdn.com:* *.battersea.org.uk:* *.blackbaudhosting.com:* *.tagmanager.google.com:* tagmanager.google.com:* *.googleapis.com:* *.blackbaud.com:* *.google.com:* *.ubisend.io:* *.jsdelivr.net:* *.fontawesome.com:* *.adalyser.com:* *.cloudflare.com:* *.googletagmanager.com:* *.googlesyndication.com:* https://pagead2.googlesyndication.com/:* ; img-src 'self' data: *.cloudfront.net *.cloudfront.net:* *.adnxs.com:* *.tvsquared.com:* *.outbrain.com:* *.google-analytics.com:* *.facebook.com:* *.doubleclick.net:* *.googletagmanager.com:* *.google.com:* *.google.co.uk:* *.atdmt.com:* *.google.co.in:* *.force.com:* *.ytimg.com:* *.micpn.com:* *.twitter.com:* *.battersea.org.uk:* *.adsrvr.org:* *.pinterest.com:* *.blackbaudhosting.com:* t.co:* *.bing.com:* *.adalyser.com:* *.maxymiser.net:* *.hypemarks.com:* *.hotjar.com:* *.teads.tv:* *.cookielaw.org:* *.gstatic.com:* *.googleusercontent.com:* *.casalemedia.com:* *.livechatinc.com:* *.nextdoor.com:* *.analytics.yahoo.com:* *.google.si:* *.linkedin.com:* *.google.co:* *.px.ads.linkedin.com:* *.google.com.au:* *.google-analytics.com:* *.analytics.google.com:* *.youtube.com:* *.google.ie/* *.google.ca/* *.google.lk/* *.google.im/* *.google.com.hk/* *.google.lt/* *.googleads.g.doubleclick.net/* *.google.com.qa/* *.google.co.vi/* *.google.com.gi/* *.google.be/* *.google.hu/* *.google.co.nz/* *.google.dk/* *.google.fr/* *.google.pl/* *.google.gg/* *.google.mn/* *.google.de/* *.google.it/* *.google.gy/* *.google.es/* *.google.com.br/* *.google.je/* *.google.com.lb/* *.google.com.bh/* *.google.tt/* *.google.pt/* *.google.nl/* *.google.com.my/* *.google.ch/* *.google.com.ph/* *.google.com.sa/* *.google.com.tw/* https://ade.googlesyndication.com:* *.googlesyndication.com:* https://pagead2.googlesyndication.com:* *.fundraisingregulator.org.uk; media-src 'self' *.cloudfront.net:* *.cloudfront.net; frame-src *.doubleclick.net:* *.google.com:* *.twitter.com:* *.youtube.com:* *.acquia-sites.com:* *.battersea.org.uk:* *.maxymiser.net:* *.pinterest.com:* *.blackbaudhosting.com:* *.facebook.com:* *.ubembed.com:* *.hotjar.com:* *.adsrvr.org:* *.amazon-adsystem.com:* *.blackbaud.com:* *.acquia-sites.com:* *.eventbrite.co.uk:* *.hypemarks.com:* *.teads.tv:* *.streamdays.com:* mpembed.com:* *.livechatinc.com:* *.recaptcha.net:* *.pinterest.co.uk:* *.pinterest.com.au:* *.googlesyndication.com:* https://www.googletagmanager.com; frame-ancestors 'self' *.doubleclick.net:* *.google.com:* *.youtube.com:* *.acquia-sites.com:* *.battersea.org.uk:* *.maxymiser.net:* *.pinterest.com:* *.bdch.org.uk:* *.eventbrite.co.uk:* *.blackbaud.com:* *.googlesyndication.com:*; child-src *.doubleclick.net:* *.google.com:* *.facebook.com:* *.twitter.com:* *.youtube.com:* *.acquia-sites.com:* *.battersea.org.uk:* *.maxymiser.net:* *.pinterest.com:* *.blackbaudhosting.com:* *.adsrvr.org:* *.amazon-adsystem.com:* *.ubembed.com:* *.eventbrite.co.uk:* *.blackbaud.com:*; font-src 'self' 'unsafe-inline' *.googleusercontent.com:* *.google.com:* *.bootstrapcdn.com:* *.battersea.org.uk:* *.hotjar.com:* *.maxymiser.net:* *.googleapis.com:* data:* data: *.bdch.org.uk:* *.gstatic.com:* *.at.alicdn.com:* *.fontawesome.com:* *.fonts.gstatic.com:*; connect-src 'self' *.google-analytics.com:* *.maxymiser.net:* *.facebook.com:* *.hotjar.io:* *.pinterest.com:* *.doubleclick.net:* *.kiosk.bdch.org.uk:* *.bdch.org.uk:* *.blackbaud.com:* *.ubembed.com:* *.bing.com:* *.nr-data.net:* *.hotjar.com:* *.cookielaw.org:* *.livechatinc.com:* *.hypemarks.com:* *.civiccomputing.com:* *.yimg.com:* *.teads.tv:* *.ads.nextdoor.com:* ads.nextdoor.com:* *.googleads.g.doubleclick.net:* googleads.g.doubleclick.net:* *.analytics.google.com:* analytics.tiktok.com:* wss://ws.hotjar.com/api/v2/client/ws adservice.google.com www.google.com *.ads.linkedin.com:* *.go-mpulse.net:* metrics.battersea.org.uk https://adservice.google.com:* https://privacyportal-eu.onetrust.com:* *.akstat.io:* *.googlesyndication.com:* https://pagead2.googlesyndication.com/:* *.convertexperiments.com:* https://*.akamaihd.net *.recaptcha.net:* ;; report-uri /report-csp-violation |
| Referrer-Policy | strict-origin-when-cross-origin |
| Etag | "1744243235-gzip" |
| Surrogate-Key | r0ie bh0c qtc7 b6rk l353 jbsr tflo g2mf 0ogc d473 r8s4 tb82 sqos o4v9 2m6e dcbt qkvc de3i fj1t e3bm 4b1t 2aaa hlle i46b seej sin2 bnml pg9s adlf um5k 99im dhv4 37no j1a2 rhfm ga20 gma8 n1df cefc o1am kkh9 69ov mmpa asmv hg2l bfhs dh6e 8o8l 6g5d t8ro tl55 tv2u h5mt 4cpi omqp 5k2d sl9d fqot krb1 52qa 65qr 38et 6ugs jkfp niqi rfma 9oer 5pmk rajl pci8 6eah b59u jchv 2j44 96he ndha nqpg at6q d5j7 lde7 d6rl c6bj 2cvo ggug 15c8 pn9l js04 om2n rqtv bj1b hghd 64vi 41u3 c3eo fqr0 2ncg lfc5 qpgk jd8e nvnr 5i6g 3ri3 v5h3 vpbl hcmh i2jv juhd 2uq8 tdb4 3d53 pg6v gda0 8ip0 tc51 ah0i csvo qvr1 jeq0 1og9 mfc8 5h2r 7r4p 7rcq nge5 52uv j0on fjbn dj9h arre 5qsc cahc ddsc 2tcs 14si f977 lnqs pbqj ii9a 8hdj k4ko 5oo5 o85m tidf 3b61 kui4 lrht 260r suil o0s6 npg1 j0dv nviq 0nuv eman dnsf l515 2j0b 8of4 43ir cr7i 29ke 04pl vn2f c4j9 c64o a7vv vbk4 lvsl k92n 67l8 tvdu d0qk 4dhn 2hs5 ai7c tje5 2640 1sth j6q0 rn6v mr2t dif0 i9tl 3lob 7vb7 tt79 psk7 a19r c3ov 3vqr t0d5 018q ibf6 uqdu tk49 lji4 14cg 2a05 bsmm cqt1 033k k7eu 16gd a6ec |
| X-Cache-Hits | 788 |
| Connection | keep-alive |
| Server-Timing | cdn-cache; desc=REVALIDATE |
| Vary | Accept-Encoding |
| X-Drupal-Dynamic-Cache | UNCACHEABLE (poor cacheability) |
| X-Generator | Drupal 10 (https://www.drupal.org) |
| From-Origin | same, http://kiosk.local, http://kiosk.bdch.org.uk, https://payments.blackbaud.com, http://kiosk.bdch.org.uk/apply.html |
| Last-Modified | Thu, 10 Apr 2025 00:00:35 GMT |
| X-Request-Id | v-d418b256-159e-11f0-95ab-ff5549733c9c |
| X-Akamai-Transformed | 9 26967 0 pmb=mRUM,1 |
| X-Xss-Protection | 1; mode=block |
| Date | Thu, 10 Apr 2025 03:57:37 GMT |
| Strict-Transport-Security | max-age=15768000 |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar