| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| X-Amz-Version-Id | h59KQp5ShBKuvf5wuuxnKQdTiUUtzh5y |
| Server | AmazonS3 |
| Vary | accept-encoding |
| X-Amz-Cf-Id | 5T5XhR8jCv-ksYiQnPNT9OfLeKl4gfo-NaSHjDVEM8EssKV3mp7mbQ== |
| Connection | keep-alive |
| Via | 1.1 459ec09472abb8544521a9b5cc6706ce.cloudfront.net (CloudFront) |
| X-Robots-Tag | noindex, nofollow |
| X-Frame-Options | DENY |
| Referrer-Policy | no-referrer |
| Content-Security-Policy | default-src 'self' *.beopen.com *.default-src *.huddle.com.au www.google.com gateway.verisk.com huddleinsurance.pxf.io *.api.gist.build *.cloud.gist.build api.productreview.com.au beopen-prod-fs-storagestorageddf1499c-1p13hcw79hpji.s3.amazonaws.com *.browser-intake-datadoghq.com browser-intake-datadoghq.com *.survicate.com analytics.google.com www.google-analytics.com maps.googleapis.com https://*.g.doubleclick.net *.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-australia-websocket.intercom.io js.intercomcdn.com cke4.ckeditor.com; font-src 'self' data: fonts.gstatic.com surveys-static.survicate.com surveys-static-prd.survicate-cdn.com media.beopen.com static.ahm.com.au rsms.me fonts.intercomcdn.com; frame-src renderer.gist.build code.gist.build js.stripe.com *.beopen.com www.google.com widget.trustpilot.com td.doubleclick.net https://4441752.fls.doubleclick.net https://*.fls.doubleclick.net www.googletagmanager.com; img-src 'self' data: * blob; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub90889c48554cfbd8c9648b5a2ba88338&dd-evp-origin=content-security-policy&ddsource=csp-report&env=production; script-src 'self' 'unsafe-eval' 'unsafe-inline' blackbox30-travel.verisk.com.au assets.customer.io code.gist.build www.googletagmanager.com survey.survicate.com surveys-static.survicate.com surveys-static-prd.survicate-cdn.com cdn.productreview.com.au utt.impactcdn.com widget.trustpilot.com cdnjs.cloudflare.com unpkg.com chimpstatic.com js.stripe.com cdn.ckeditor.com opensdk.s3-ap-southeast-2.amazonaws.com www.datadoghq-browser-agent.com secure.quantserve.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ connect.facebook.net www.google-analytics.com maps.google.com maps.googleapis.com widget.intercom.io js.intercomcdn.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com static.ahm.com.au www.insurancepoint.com.au cdn.ckeditor.com surveys-static.survicate.com surveys-static-prd.survicate-cdn.com media.beopen.com rsms.me; worker-src blob: |
| Content-Type | text/html; charset=utf-8 |
| X-Amz-Server-Side-Encryption | AES256 |
| Date | Sat, 19 Apr 2025 04:13:01 GMT |
| X-Amz-Cf-Pop | AMS58-P5 |
| X-Content-Type-Options | nosniff |
| X-Xss-Protection | 1; mode=block |
| Strict-Transport-Security | max-age=600; includeSubDomains |
| Last-Modified | Tue, 01 Apr 2025 21:38:27 GMT |
| Etag | W/"46ecfa80fd81a75596a5497a681226ba" |
| X-Cache | Hit from cloudfront |
| Age | 2726 |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar