| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| Date | Thu, 17 Apr 2025 22:54:33 GMT |
| X-Content-Type-Options | nosniff |
| Cf-Cache-Status | DYNAMIC |
| Server | cloudflare |
| Connection | keep-alive |
| Content-Security-Policy | default-src https://*.goinstore.com cdn.cookielaw.org *.salecycle.com d16fk4ms6rqz1v.cloudfront.net cdn.decibelinsight.net api.getaddress.io; script-src * data: 'unsafe-inline' 'unsafe-eval' https://*.goinstore.com https://*.opentok.com https://vjs.zencdn.net https://cdn.jsdelivr.net smct.co *.smct.co smct.io *.smct.io *.amazonaws.com; style-src * 'unsafe-inline' https://*.goinstore.com https://vjs.zencdn.net smct.co *.smct.co smct.io *.smct.io *.amazonaws.com; img-src blob: data: * *.amazonaws.com *.analytics.google.com *.google-analytics.com *.smct.co *.smct.io smct.co smct.io https://*.goinstore.com; font-src data: * smct.co *.smct.co smct.io *.smct.io *.amazonaws.com; connect-src 'self' blob: *.ads.linkedin.com *.amazonaws.com *.analytics.google.com *.clarity.ms *.contentsquare.net *.criteo.com *.force.com *.google-analytics.com *.optimizely.com *.reevoo.com *.salecycle.com *.smct.co *.smct.io *.zoovu.com 63di6za7i5.execute-api.eu-west-1.amazonaws.com api.companieshouse.gov.uk api.company-information.service.gov.uk api.getaddress.io assets-barracuda-runner.azureedge.net bat.bing.com cdn.cnetcontent.com cdn.cookielaw.org cdn.decibelinsight.net d16fk4ms6rqz1v.cloudfront.net maps.googleapis.com privacyportal-de.onetrust.com secure.img-cdn.mediplex.com sentry.smartassistant.com smct.co smct.io smetrics.currys.co.uk stats.g.doubleclick.net https://*.api.brightcove.com https://*.bambuser.com https://*.contentsquare.net https://*.goinstore.com https://*.loggly.com https://*.opentok.com https://*.tokbox.com https://api.charitycommission.gov.uk https://cdn.cs.1worldsync.com https://cdn.jsdelivr.net https://cdn.linkedin.oribi.io https://consenna-reseller.s3-eu-west-1.amazonaws.com https://currysbusiness.my.site.com https://digital-reseller.com https://dpm.demdex.net https://manifest.prod.boltdns.net https://prod.accdab.net https://siteintercept.qualtrics.com https://sgtm.business.currys.co.uk https://vjs.zencdn.net https://widgets.reevoo.com https://www.hpdigitalreseller.com wss://*.tokbox.com wss://cdn.decibelinsight.net; manifest-src 'self'; media-src * blob: https://*.goinstore.com; object-src *; child-src 'self'; frame-src * smct.co *.smct.co smct.io *.smct.io *.amazonaws.com; frame-ancestors *; form-action *; worker-src 'self' blob: |
| Accept-Ch | sec-ch-ua-platform |
| X-Frame-Options | sameorigin |
| Vary | Accept-Encoding |
| Content-Type | text/html; charset=UTF-8 |
| Strict-Transport-Security | max-age=63072000 |
| X-Xss-Protection | 1; mode=block |
| Referrer-Policy | origin |
| Set-Cookie | msession=b4a702e10cc65ac6019645f6050a; Version=1; Path=/; Secure; HttpOnly; SameSite=None; Max-Age=315576000 |
| Cache-Control | no-cache, no-store |
| Cf-Ray | 931f81415fa89f93-AMS |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar