| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| Cache-Control | max-age=3600, public |
| Date | Thu, 17 Apr 2025 02:48:44 GMT |
| Server | * |
| X-Sap-Pad | 900640 |
| Etag | W/"7e0-DGcITjdlk4Z5mCl+XBrUH8+cVkA-gzip" |
| Expires | Thu, 17 Apr 2025 03:48:44 GMT |
| Set-Cookie | visid_incap_1902481=BZGYZfyDSF2LSI9aKjkRoAxsAGgAAAAAQUIPAAAAAAAnSBjt4vI1xxOULneovrB4; expires=Thu, 16 Apr 2026 22:45:22 GMT; HttpOnly; path=/; Domain=.priceline.com.au; Secure; SameSite=None |
| X-Content-Type-Options | nosniff |
| Vary | Accept-Encoding,User-Agent |
| X-Iinfo | 1-8438613-8438022 2cNN RT(1744858124974 3) q(0 0 0 0) r(0 0) U19 |
| Content-Type | text/html; charset=utf-8 |
| X-Powered-By | Express |
| Content-Security-Policy-Report-Only | default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: trends.revcontent.com *.optimizely.com www.google.co.id estore2-outage.s3.ap-southeast-2.amazonaws.com cdn.honey.io www.google.com.mx cm.adform.net ad.yieldlab.net i.liadm.com www.google.com.ph analytics.google.com cdn.jsdelivr.net www.google.ro criteo-partners.tremorhub.com client-analytics.braintreegateway.com www.priceline.com.au www.google.com.vn www.google.com.au adservice.google.com mon-va.tiktokv.com; frame-ancestors 'self' *.priceline.com.au; form-action *.pinterest.com *.facebook.com; connect-src 'self' analytics.google.com *.google.co.in vc.hotjar.io api.braintreegateway.com payments.braintree-api.com www.google-analytics.com *.doubleclick.net *.googleapis.com ct.pinterest.com *.hotjar.com iploc.tryzens-analytics.com:12443 *.tryzens-analytics.com:12280 api.priceline.com.au api.cb55tqh30c-australia1-p1-public.model-t.cc.commerce.ondemand.com api.priceline.com.au analytics.tiktok.com wsp16.hotjar.com csmetrics.hotjar.com wsp14.hotjar.com content.hotjar.io *.clarity.ms bat.bing.com *.rest.iad-07.braze.com; font-src 'self' data: saas-p2w.azurewebsites.net use.fontawesome.com fonts.gstatic.com; frame-src 'self' *.priceline.com.au checkout.paypal.com assets.braintreegateway.com open.spotify.com www.youtube.com www.facebook.com *.criteo.net ct.pinterest.com *.adsrvr.org *.criteo.com *.doubleclick.net www.googletagmanager.com; object-src 'none'; img-src 'self' data: www.googletagmanager.com c.bing.com www.google.com www.google.co.in www.google-analytics.com *.googleapis.com maps.gstatic.com cdn.aralego.net ads.stickyadstv.com match.adsrvr.org sync.aralego.com e1.emxdgt.com sync-criteo.ads.yieldmo.com ade.clmbtech.com s.ad.smaato.net simage2.pubmatic.com sync.outbrain.com c.bing.co exchange.mediavine.com idsync.rlcdn.com ad.360yield.com cs.adingo.jp adx.dable.io tg.socdm.com adgen.socdm.com ups.analytics.yahoo.com eb2.3lift.com criteo-sync.teads.tv *.taboola.com match.sharethrough.com *.rubiconproject.com contextual.media.net secure.adnxs.com ib.adnxs.com *.doubleclick.net *.bidswitch.net *.casalemedia.com *.criteo.com *.smartadserver.com ct.pinterest.com www.facebook.com logs-01.loggly.com cm.adgrx.com um.simpli.fi match.deepintent.com api.priceline.com.au api.cb55tqh30c-australia1-p1-public.model-t.cc.commerce.ondemand.com px.ads.linkedin.com sync.1rx.io api.priceline.com.au tr.outbrain.com saas-p2w.azurewebsites.net i.ytimg.com 1f2e7.v.fwmrm.net pr-bh.ybp.yahoo.com fonts.gstatic.com bat.bing.com c.clarity.ms sp.analytics.yahoo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.priceline.com.au saas-p2w.azurewebsites.net www.googletagmanager.com *.googleapis.com *.criteo.com d.impactradius-event.com *.tiktok.com js.adsrvr.org *.hotjar.com *.pinimg.com *.facebook.net www.google-analytics.com *.criteo.com bat.bing.com www.clarity.ms s.yimg.com; style-src 'self' 'unsafe-inline' saas-p2w.azurewebsites.net use.fontawesome.com *.googleapis.com www.googletagmanager.com; report-uri https://289r1hnfc9.execute-api.eu-west-1.amazonaws.com/prod/apiclient-cspdata |
| X-Cdn | Imperva |
| Strict-Transport-Security | max-age=15724800 |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar