| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| Request-Context | appId=cid-v1:bf630bc1-a04e-45e1-b68e-b230186ec3ca |
| X-Frame-Options | SAMEORIGIN |
| Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
| Content-Type | text/html; charset=utf-8 |
| Expires | -1 |
| X-Xss-Protection | 1; mode=block |
| Feature-Policy | accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none' |
| Referrer-Policy | no-referrer-when-downgrade |
| Date | Wed, 09 Apr 2025 04:05:21 GMT |
| Connection | keep-alive |
| Set-Cookie | sxa_site=The Law Society; path=/;SameSite=Strict; secure; HttpOnly |
| Content-Security-Policy | child-src 'self' blob: prdsitecore93.azureedge.net prdsitecore93-cd.azurewebsites.net ;connect-src 'self' *.flickr.com *.staticflickr.com *.civiccomputing.com *.brightcove.net *.brightcove.com *.brightcove.hs.llnwd.net *.doubleclick.net *.gstatic.com *.googlesyndication.com *.hotjar.com *.google-analytics.com *.yahoo.com *.disquscdn.com *.disqus.com disqus.com *.emailcc.com emailcc.com blob: *.akamaihd.net *.boltdns.net prdsitecore93.azureedge.net prdsitecore93-cd.azurewebsites.net *.hotjar.com *.hotjar.io wss://*.hotjar.com *.boltdns.net *.akamaihd.net analytics.google.com *.clarity.ms *.google-analytics.com *.analytics.google.com api.lawsociety.org.uk cloudflareinsights.com cdn.linkedin.oribi.io maps.googleapis.com *.getaddress.io google.co.uk *.linkedin.com *.instagram.com *.facebook.com *.varify.io *.onetrust.com *.cookielaw.org *.prdsitecore93-cm.azurewebsites.net *.outseta.com;default-src 'self' *.googlesyndication.com *.disquscdn.com *.disqus.com disqus.com *.lawsociety.org.uk *.google-analytics.com *.doubleclick.net *.gstatic.com *.adservice.google.ie *.adservice.google.com.sg *.adservice.google.ro *.adservice.google.de *.adservice.google.co.in *.adservice.google.fr *.googletagmanager.com *.brightcove.net *.brightcove.com *.brightcove.hs.llnwd.net *.hotjar.com *.civiccomputing.com *.emailcc.com emailcc.com *.spreaker.com *.infogram.com prdsitecore93.azureedge.net prdsitecore93-cd.azurewebsites.net *.cloudflare.com;font-src 'self' data: *.slidesharecdn.com *.slideshare.net fast.fonts.net *.hotjar.com *.gstatic.com prdsitecore93.azureedge.net prdsitecore93-cd.azurewebsites.net *.fontawesome.com;frame-src 'self' *.livestream.com data: *.youtube.com *.ytimg.com *.twitter.com *.ads-twitter.com *.carto.com *.spreaker.com *.concep.com *.slidesharecdn.com *.slideshare.net *.storify.com *.hotjar.com *.doubleclick.net *.google.com *.google.co.uk *.infogram.com *.disquscdn.com *.disqus.com disqus.com *.googlesyndication.com *.emailcc.com emailcc.com *.akamaihd.net *.boltdns.net *.brightcove.net *.brightcove.com *.brightcove.hs.llnwd.net prdsitecore93.azureedge.net prdsitecore93-cd.azurewebsites.net www.facebook.com staticxx.facebook.com www.googletagservices.com *.lawsociety.org.uk calendly.com assets.calendly.com *.worldpay.com *.office.com *.arcgis.com *.utc.travel *.powerbi.com *.googleadservices.com *.live.com;img-src 'self' data: blob: *.youtube.com *.ytimg.com *.googleapis.com *.google.com *.google.co.uk *.twitter.com *.ads-twitter.com *.twimg.com *.yahoo.com *.webscanningservice.com *.flickr.com *.staticflickr.com *.google-analytics.com *.doubleclick.net *.gstatic.com *.hotjar.com *.lawsociety.org.uk *.disquscdn.com *.disqus.com disqus.com *.brightcove.net *.brightcove.com *.brightcove.hs.llnwd.net *.boltdns.net prdsitecore93.azureedge.net prdsitecore93-cd.azurewebsites.net *.prdsitecore93-cm.azurewebsites.net *.boltdns.net *.googlesyndication.com px.ads.linkedin.com www.facebook.com *.lawgazette.co.uk www.linkedin.com d1d8vslyhr7rdg.cloudfront.net p.adsymptotic.com pixel.quantserve.com *.google-analytics.com *.analytics.google.com *.oribi.io *.googletagmanager.com *.eventscloud.com *.google.nl *.viglink.com *.cdninstagram.com *.onetrust.com *.outseta.com;media-src 'self' blob: *.brightcove.net *.brightcove.com *.brightcove.hs.llnwd.net prdsitecore93.azureedge.net prdsitecore93-cd.azurewebsites.net *.boltdns.net *.akamaihd.net;object-src *.brightcove.net *.brightcove.com *.brightcove.hs.llnwd.net prdsitecore93.azureedge.net prdsitecore93-cd.azurewebsites.net;report-uri https://lawsocietyorguk.report-uri.com/r/d/csp/enforce https://7ir5fiw82m.execute-api.eu-west-1.amazonaws.com/beta;script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.youtube.com *.ytimg.com *.twitter.com *.ads-twitter.com *.twimg.com blob: *.flickr.com *.staticflickr.com *.concep.com *.googletagmanager.com *.spreaker.com *.hotjar.com *.google-analytics.com *.adservice.google.ie *.adservice.google.com.sg *.adservice.google.ro *.adservice.google.de *.adservice.google.co.in *.adservice.google.fr *.google.com *.google.co.uk *.gstatic.com *.doubleclick.net *.googlesyndication.com *.brightcove.net *.brightcove.com *.brightcove.hs.llnwd.net *.infogram.com *.disquscdn.com *.disqus.com disqus.com *.civiccomputing.com *.jquery.com *.emailcc.com emailcc.com prdsitecore93.azureedge.net prdsitecore93-cd.azurewebsites.net *.civiccomputing.com *.jquery.com *.cloudflare.com c.contentsvr.com *.emailcc.com *.ytimg.com *.bizographics.com connect.facebook.net snap.licdn.com cdn.ampproject.org *.googleadservices.com *.googletagservices.com *.lawsociety.org.uk secure.quantserve.com rules.quantcount.com vjs.zencdn.net *.googleoptimize.com calendly.com assets.calendly.com *.clarity.ms static.cloudflareinsights.com *.oribi.io *.worldpay.com openxcdn.net uidapi.com creativecdn.com *.jsdelivr.net *.varify.io *.onetrust.com *.cookielaw.org *.ablyft.com *.prdsitecore93-cm.azurewebsites.net *.outseta.com *.stripe.com;style-src 'unsafe-inline' *.googleapis.com 'self' fast.fonts.net *.twitter.com *.ads-twitter.com *.disquscdn.com *.disqus.com disqus.com *.googletagmanager.com prdsitecore93.azureedge.net prdsitecore93-cd.azurewebsites.net tagmanager.google.com cdn.ampproject.org *.bootstrapcdn.com optimize.google.com *.fontawesome.com *.cloudflare.com;upgrade-insecure-requests; |
| Access-Control-Allow-Origin | * |
| Cache-Control | no-cache, no-store |
| Pragma | no-cache |
| Vary | Accept-Encoding |
| X-Content-Security-Policy | nosniff |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar