Open
Cached
·
just now
20
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
Basic
upgrade-insecure-requests; default-src; frame-ancestors; +13 more
upgrade-insecure-requests; default-src 'self' https://storage.googleapis.com/branddesignmanager/AnswerconnectWebsite/redesign/; frame-ancestors 'none'; form-action https://www.facebook.com/tr/ ; base-uri 'self'; report-uri;img-src 'self' data: https://stats.g.doubleclick.net/ https://bat.bing.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/ https://www.google.co.in/pagead/ https://storage.googleapis.com/branddesignmanager/AnswerconnectWebsite/ https://storage.googleapis.com/full-assets/ https://storage.googleapis.com/livesupport/ https://storage.googleapis.com/distributedsource-new-app/ https://storage.chatsupport.co/ https://storage.googleapis.com/clientaccess/registration/ https://avatar.anywhere.app/ https://www.facebook.com/tr/ https://www.google.com/ https://*.gstatic.com https://*.google-analytics.com https://lh3.googleusercontent.com https://*.adroll.com https://us-u.openx.net https://idsync.rlcdn.com https://ib.adnxs.com https://ads.yahoo.com https://eb2.3lift.com https://trc.taboola.com https://simage2.pubmatic.com https://sync.outbrain.com https://pixel.rubiconproject.com https://dsum-sec.casalemedia.com https://pixel.advertising.com https://connect.facebook.net https://*.doubleclick.net https://pippio.com https://x.bidswitch.net https://*.facebook.com https://*.google.com https://*.adroll.mgr.consensu.org https://*.setmore.com/ https://storage.googleapis.com/setmore-assets/ https: https://*.chatsupport.co;script-src 'self' 'strict-dynamic' 'nonce-6f2ecdbfec314ce1b999da1dff092f38' 'unsafe-eval' https://*.setmore.com/ https://assets.setmore.com/integration/static/setmoreIframeLive.js https://*.tiktok.com/ https://signup.answerconnect.com/ https://signup.staging.answerconnect.com/ https://storage.googleapis.com/clientaccess/ https://unpkg.com/swiper/swiper-bundle.min.js http://widget.trustpilot.com/ https://widget.trustpilot.com/ http://www.google-analytics.com/ https://storage.googleapis.com/branddesignmanager/AnswerconnectWebsite/ https://storage.googleapis.com/full-assets/ https://*.smartlook.com https://*.smartlook.cloud https://snap.licdn.com/li.lms-analytics/ https://www.googleadservices.com/ http://www.googleadservices.com/ https://app.chatsupport.co/api/client/get/script/LS-da44d78b https://www.googleoptimize.com/ https://bat.bing.com/ http://bat.bing.com/ https://googleads.g.doubleclick.net/pagead/ https://www.google.com/pagead/ https://*.google-analytics.com/ https://www.googletagmanager.com/ https://*.adroll.com https://us-u.openx.net https://idsync.rlcdn.com https://ib.adnxs.com https://ads.yahoo.com http://ads.yahoo.com https://eb2.3lift.com http://eb2.3lift.com https://trc.taboola.com http://trc.taboola.com https://simage2.pubmatic.com http://simage2.pubmatic.com https://sync.outbrain.com http://sync.outbrain.com https://pixel.rubiconproject.com https://dsum-sec.casalemedia.com https://pixel.advertising.com https://connect.facebook.net https://*.doubleclick.net https://pippio.com https://x.bidswitch.net https://*.facebook.com https://*.google.com https://*.adroll.mgr.consensu.org https://ajax.googleapis.com/ https://*.clarity.ms/ https://script.tapfiliate.com/ https://assets.answerconnect.co.uk/answerconnect/ https://app.chatsupport.co/api/client/ https://*.chatsupport.co https://js.sentry-cdn.com/ https://browser.sentry-cdn.com/ https://storage.googleapis.com/branding-resources/ https://ssl.google-analytics.com/ https://consentcdn.cookiebot.eu/ https://px.ads.linkedin.com/ https://analytics.tiktok.com/ https://capig.stape.cc/ https://www.google.com/ccm/ https://assets.answerconnect.com/common/js/ https://cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js https://unpkg.com/@fingerprintjs/[email protected]/dist/fp.min.js ;style-src 'self' 'unsafe-inline' https://*.setmore.com/ https://fonts.googleapis.com/ https://p.typekit.net/ https://tagmanager.google.com/ https://storage.googleapis.com/branddesignmanager/AnswerconnectWebsite/ https://storage.googleapis.com/full-assets/ https://optimize.google.com/ https://storage.googleapis.com/;font-src 'self' https://p.typekit.net/ https://use.typekit.net/ https://storage.googleapis.com/full-assets/ https://storage.googleapis.com/livesupport/chat/fonts/ data:;connect-src 'self' https://*.tiktok.com/ https://api.chatsupport.co/api/ https://*.setmore.com/ https://script.googleusercontent.com/macros/ https://*.google-analytics.com/ https://analytics.google.com/ https://www.facebook.com/ https://signup.answerconnect.com/ https://signup.staging.answerconnect.com/ https://widget.trustpilot.com/bootstrap/ https://widget.trustpilot.com/bootstrap/v5/ https://signup.staging.answerconnect.co.uk/services/leadRegistration https://signup.answerconnect.co.uk/services/leadRegistration https://stats.g.doubleclick.net/ https://signup.staging.answerconnect.co.uk/services/ https://signup.answerconnect.co.uk/services/ wss://rtmserver.anywhereworks.com/ https://optimize.google.com/ https://*.smartlook.com https://*.smartlook.cloud https://script.google.com/a/anywhere.co/macros/ https://storage.googleapis.com/fullstorage https://bat.bing.com/actionp/ https://frstre.com/ https://*.clarity.ms/ https://www.answerconnect.co.uk/blog/wp-json/wp/v2/posts https://*.chatsupport.co https://storage.staging.answerconnect.com/app https://storage.answerconnect.com/app https://storage.googleapis.com/stag-fullstorage https://storage.googleapis.com/fullstorage wss://rtmserver.anywhereworks.com/ wss://stagingrtm.anywhereworks.com https://o151188.ingest.sentry.io https://cdn.linkedin.oribi.io/partner/ https://consentcdn.cookiebot.com/ https://px.ads.linkedin.com/ https://*.googlesyndication.com/ https://o151188.ingest.us.sentry.io https://consentcdn.cookiebot.eu/ https://www.google.com/ccm/ https://capig.stape.cc/ https://www.googletagmanager.com/ https://analytics.tiktok.com/ ;media-src 'self' https://ssl.gstatic.com/ https://storage.googleapis.com/livesupport/ https://storage.googleapis.com/answerconnect-website/common/audio/ https://assets.answerconnect.com/anywhereworks/videos/ https://*.chatsupport.co https://assets.answerconnect.com/answerconnect/uk/website/media/ ;frame-src 'self' https://bid.g.doubleclick.net/ https://optimize.google.com/ https://*.setmore.com/ https://www.googletagmanager.com/ https://widget.trustpilot.com/ https://www.facebook.com/ https://www.youtube.com/ https://consentcdn.cookiebot.com/ https://consent.cookiebot.com/ https://td.doubleclick.net/ https://www.youtube-nocookie.com/ https://consentcdn.cookiebot.eu/ ;object-src 'self' https://storage.googleapis.com/branddesignmanager/AnswerconnectWebsite/redesign/pdf/;sandbox allow-popups allow-popups-to-escape-sandbox allow-scripts allow-forms allow-same-origin allow-downloads;worker-src 'self' blob:
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
Performance Headers
2 headers
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Caching Headers
2 headers
Expires
Caching
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Caching
Wed, 28 Jan 2026 19:48:33 GMT
Content Headers
1 headers
Content-Type
Content
text/html;charset=utf-8
Server Headers
1 headers
Server
Server
Google Frontend
CORS Headers
3 headers
Access-Control-Allow-Headers
Cors
Origin, Content-Type, Accept
Access-Control-Allow-Methods
Cors
GET
Access-Control-Allow-Origin
Cors
https://www.answerconnect.co.uk
Cookies Headers
1 headers
Set-Cookie
Cookies
JSESSIONID=node011761in10nrsh1s60bt9way53p2651.node0; Path=/
Other Headers
5 headers
Alt-Svc
Other
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Date
Other
Wed, 28 Jan 2026 19:48:33 GMT
Resp-Time
Other
1769629713404
Via
Other
1.1 google
X-Permitted-Cross-Domain-Policies
Other
none
Recommendations
Enable compression (gzip/brotli) to improve performance
Add Cache-Control header to optimize caching