| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| Date | Sat, 19 Apr 2025 17:49:38 GMT |
| Content-Type | text/html; charset=utf-8 |
| Cache-Control | no-cache |
| X-Frame-Options | sameorigin |
| X-Content-Type-Options | nosniff |
| Expires | -1 |
| Content-Security-Policy | script-src 'self' 'unsafe-inline' 'unsafe-eval' edge.marker.io consent.cookiebot.com consentcdn.cookiebot.com ajax.googleapis.com widget.trustpilot.com www.google.com www.gstatic.com cdn.jsdelivr.net contact.britsafe.org cdnjs.cloudflare.com www.googletagmanager.com briti11326.pcapredict.com www.paypal.com snap.licdn.com bat.bing.com munchkin.marketo.net static.hotjar.com secure.hiss3lark.com d10lpsik1i8c69.cloudfront.net script.hotjar.com cloudfront.barilliance.com assets.adoberesources.net documentcloud.adobe.com js.stripe.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com contact.britsafe.org www.barilliance.net www.barilliance.com static.barilliance.com www.googletagmanager.com *.typekit.net cdn.jsdelivr.net; img-src 'self' data: contact.britsafe.org www.britsafe.org dashboard.umbraco.com our.umbraco.com www.gravatar.com www.barilliance.net www.paypalobjects.com *.google-analytics.com *.googletagmanager.com bat.bing.com px.ads.linkedin.com imgsct.cookiebot.com static.barilliance.com fonts.gstatic.com assets.adoberesources.net lh3.googleusercontent.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com *.typekit.net data:; object-src 'none'; frame-ancestors 'none'; form-action 'self' go.loginservice.co.uk; base-uri 'self'; default-src 'none'; connect-src 'self' api.marker.io consentcdn.cookiebot.com www.sandbox.paypal.com www.paypal.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com settings.luckyorange.net 638-xeh-487.mktoresp.com wss://ws.hotjar.com content.hotjar.io px.ads.linkedin.com www.barilliance.net *.adobe.io wss://*.adobe.io; frame-src 'self' consentcdn.cookiebot.com widget.trustpilot.com www.google.com www.sandbox.paypal.com www.paypal.com static.barilliance.com player.vimeo.com www.youtube.com contact.britsafe.org cloudfront.barilliance.com www.barilliance.net www.barilliance.com munchkin.js documentcloud.adobe.com js.stripe.com; manifest-src 'self' www.youtube.com; |
| Strict-Transport-Security | max-age=16000000; preload |
| Cf-Cache-Status | DYNAMIC |
| Server | cloudflare |
| Cf-Ray | 932e3d5b6e4c9721-AMS |
| Vary | Accept-Encoding |
| Connection | keep-alive |
| Pragma | no-cache |
| X-Xss-Protection | 1; mode=block |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar