HTTP Headers Analysis for https://care.bt.com

Detected Technologies from Headers

See all in URL Inspect 5

AWS

AWS CloudFront

Imperva

Next.js

Sprinklr Active incidents

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31536000

Content-Security-Policy

Basic

frame-ancestors; default-src Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

strict-origin-when-cross-origin

Permissions-Policy

Present

interest-cohort=()

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Improve CSP by adding more specific directives and removing 'unsafe-inline'

Performance Headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

Vary

Performance

Accept-Encoding

connection: close
transfer-encoding: chunked
vary: Accept-Encoding

Caching Headers

Age

Caching

248

Etag

Caching

"fjve2n2paf5c4"

age: 248
etag: "fjve2n2paf5c4"

Content Headers

Content-Type

Content

text/html; charset=utf-8

content-type: text/html; charset=utf-8

Server Headers

X-Powered-By

Server

Next.js

x-powered-by: Next.js

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: visid_incap_3141921=EJngZ6gsTGmowReywZbjdvIN62kAAAAAQUIPAAAAAACprvILkpodAkXDmelwomi9; expires=Fri, 23 Apr 2027 07:22:52 GMT; HttpOnly; path=/; Domain=.bt.com; Secure; SameSite=None
nlbi_3141921_3174521=+Ej+IkaSyULb8Zj7ClfqwgAAAADuiUAiJMOF3EN0Twwygbs2; HttpOnly; path=/; Domain=.bt.com; Secure; SameSite=None
incap_ses_186_3141921=hGsjRIbR+Qj09tMZlM6UAvMN62kAAAAA1Rn3i5AvcMkBsiyCjfFGRQ==; path=/; Domain=.bt.com; Secure; SameSite=None

Other Headers

Apigw-Requestid

Other

cT8eHgx2LPEEM4Q=

Date

Other

Fri, 24 Apr 2026 06:30:11 GMT

Feature-Policy

Other

geolocation 'self'

Via

Other

1.1 705006fd3a976dfe3e44cb9e00b9069c.cloudfront.net (CloudFront)

X-Amz-Cf-Id

Other

5LUDSBU2I9RzXbG_ncavLKUjSTVKfCKC7RvzB1d-GutjidJRE1QmQA==

X-Amz-Cf-Pop

Other

LHR61-P6

X-Amzn-Remapped-Connection

Other

keep-alive

X-Amzn-Remapped-Content-Length

Other

6918

X-Amzn-Remapped-Date

Other

Fri, 24 Apr 2026 06:26:03 GMT

X-Amzn-Requestid

Other

19fd7e62-09be-451b-b9ec-28f3cf2dcf71

X-Amzn-Trace-Id

Other

Root=1-69eb0cfb-24b47c206e56adb65f53e397;Parent=7d27b15af093b539;Sampled=0;Lineage=1:8116b42d:0

X-Cache

Other

Hit from cloudfront

X-Cdn

Other

Imperva

X-Iinfo

Other

9-21373969-21373990 NNNN CT(71 78 0) RT(1777012211083 247) q(0 0 2 2) r(5 5) U12

apigw-requestid: cT8eHgx2LPEEM4Q=
date: Fri, 24 Apr 2026 06:30:11 GMT
feature-policy: geolocation 'self'
via: 1.1 705006fd3a976dfe3e44cb9e00b9069c.cloudfront.net (CloudFront)
x-amz-cf-id: 5LUDSBU2I9RzXbG_ncavLKUjSTVKfCKC7RvzB1d-GutjidJRE1QmQA==
x-amz-cf-pop: LHR61-P6
x-amzn-remapped-connection: keep-alive
x-amzn-remapped-content-length: 6918
x-amzn-remapped-date: Fri, 24 Apr 2026 06:26:03 GMT
x-amzn-requestid: 19fd7e62-09be-451b-b9ec-28f3cf2dcf71
x-amzn-trace-id: Root=1-69eb0cfb-24b47c206e56adb65f53e397;Parent=7d27b15af093b539;Sampled=0;Lineage=1:8116b42d:0
x-cache: Hit from cloudfront
x-cdn: Imperva
x-iinfo: 9-21373969-21373990 NNNN CT(71 78 0) RT(1777012211083 247) q(0 0 2 2) r(5 5) U12

Recommendations

Enable compression (gzip/brotli) to improve performance

Add Cache-Control header to optimize caching

Consider removing X-Powered-By header to hide server technology