| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| Etag | "vmpkjcxr1c67ge" |
| X-Cache | Miss from cloudfront |
| Content-Security-Policy-Report-Only | default-src 'self' https:; script-src 'unsafe-inline' 'unsafe-eval' assets.adobedtm.com *.belong.com.au *.belongtest.com.au telstra.demdex.net teamtelstra.demdex.net *.newrelic.com bam.nr-data.com *.hotjar.com www.google-analytics.com www.googletagmanager.com *.taboola.com *.adalyser.com connect.facebook.net pixel.byspotify.com verifi.podscribe.com ct.pinterest.com s.pinimg.com; style-src https: 'unsafe-inline'; connect-src https: wss: 'unsafe-inline'; media-src 'self' data: *.ctfassets.net; worker-src 'self' blob:; child-src 'self' blob:; font-src 'self' data: fonts.gstatic.com simpleui-au.vixverify.com *.hotjar.com; manifest-src 'self'; img-src 'self' data: android-webview-video-poster: *.contentful.com fonts.gstatic.com *.paypal.com www.paypalobjects.com *.ctfassets.net *.doubleclick.net *.analytics.google.com *.adalyser.com cm.everesttech.net *.google-analytics.com www.googletagmanager.com sp.analytics.yahoo.com *.taboola.com www.facebook.com *.cloudfunctions.net dpm.demdex.net *.adsrvr.org verifi.podscribe.com; frame-src 'self' belong://* *.kaptcha.com *.paypal.com www.paypalobjects.com mobilemaps.net.au *.cdn.optimizely.com www.youtube.com assets.braintreegateway.com *.telstra.com.au telstra.demdex.net teamtelstra.demdex.net *.adsrvr.org tsdtocl.com *.doubleclick.net *.hotjar.com lpcdn.lpsnmedia.net ct.pinterest.com; frame-ancestors 'self' *.belong-services.com.au; object-src 'self'; report-uri https://belong.report-uri.com/r/t/csp/reportOnly; report-to default; |
| Connection | keep-alive |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| Via | 1.1 0f614fbd956590bdb4b3def9e1395ca6.cloudfront.net (CloudFront) |
| X-Amz-Cf-Pop | DUS51-P4 |
| X-Amz-Cf-Id | mzpMyIs1QIQ0pJID_NLoQGA-Y_JD1tM2Z4Ms8Ze5r6ZkBAdaLNVX2A== |
| Strict-Transport-Security | max-age=31536000; includeSubDomains |
| Content-Type | text/html; charset=utf-8 |
| Date | Wed, 09 Apr 2025 22:18:16 GMT |
| Vary | Accept-Encoding |
| Report-To | {"group":"default","max_age":31536000,"endpoints":[{"url":"https://belong.report-uri.com/a/t/g"}],"include_subdomains":true} |
| Referrer-Policy | strict-origin-when-cross-origin |
| Set-Cookie | session=4bd8422f-55d7-4391-a6cc-c7780110de56; Path=/; Secure |
| Cache-Control | private, no-cache, no-store, max-age=0, must-revalidate |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar