| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| Vary | Origin,Accept-Encoding |
| Expires | Thu, 19 Nov 1981 08:52:00 GMT |
| Content-Type | text/html;charset=UTF-8 |
| X-Permitted-Cross-Domain-Policies | none |
| X-Frame-Options | SAMEORIGIN |
| Date | Tue, 15 Apr 2025 11:46:49 GMT |
| Content-Security-Policy-Report-Only | default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com kit.fontawesome.com connect.facebook.net cdn.polyfill.io code.jquery.com www.google-analytics.com ssl.google-analytics.com www.googleoptimize.com script.crazyegg.com cdn.syndication.twimg.com speedtest.bestbroadbanddeals.co.uk cdnjs.cloudflare.com maxcdn.bootstrapcdn.com widget.trustpilot.com s3.amazonaws.com cable.us4.list-manage.com admin.bestbroadbanddeals.co.uk services.xg4ken.com unpkg.com script.hotjar.com static.hotjar.com c5.adalyser.com plausible.io consent.cookiebot.com consentcdn.cookiebot.com e.infogram.com localhost:3000; connect-src 'self' consentcdn.cookiebot.com *.fontawesome.com api.addressy.com wss://ws.hotjar.com *.hotjar.com content.hotjar.io cable.us4.list-manage.com admin.bestbroadbanddeals.co.uk stats.g.doubleclick.net plausible.io localhost:3000; img-src 'self' data: *.bestbroadbanddeals.co.uk www.google.com www.googletagmanager.com www.google.co.uk www.google-analytics.com s1.2mdn.net ad.doubleclick.net stats.g.doubleclick.net gtrk.s3.amazonaws.com pbs.twimg.com code.jquery.com 19.xg4ken.com s3-eu-west-1.amazonaws.com pcf.tdscd.com c5.adalyser.com v2.crocdn.com 540k006f.tinifycdn.com imgsct.cookiebot.com; style-src 'self' 'unsafe-inline' code.jquery.com maxcdn.bootstrapcdn.com cdnjs.cloudflare.com admin.bestbroadbanddeals.co.uk pro.fontawesome.com localhost:3000; font-src 'self' *.fontawesome.com maxcdn.bootstrapcdn.com admin.bestbroadbanddeals.co.uk data: localhost:3000; object-src 'self' api.ookla.com fpdownload.adobe.com; frame-src 'self' widget.trustpilot.com vars.hotjar.com googleads.g.doubleclick.net consentcdn.cookiebot.com e.infogram.com data:; child-src 'self' blob:; report-uri /csp-violation-report/ |
| X-Download-Options | noopen |
| X-Xss-Protection | 1; mode=block |
| Set-Cookie | PHPSESSID=l1j8v0sd3pp22tj9dobsakosbi; path=/ |
| Cache-Control | max-age=600, must-revalidate |
| X-Bestbroadbanddeals-Cache-Id | page/42099b4af021e53fd8fd4e056c2568d7c2e3ffa8 |
| Server | Apache/2.4.62 (Debian) |
| X-Content-Type-Options | nosniff |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar