walmart.ca | Analytics by SecurityHeaders

HTTP Headers report for walmart.ca

Header Name Header Data
HTTP status code 200
X-Envoy-Upstream-Service-Time 2152
X-Wcp-Orgreq-Tenantid
Cache-Control max-age=0, no-cache, no-store
Connection keep-alive
Server-Timing cdn-cache; desc=MISS
X-Prerender-Apache-Hit true
X-Wcp-Req-Path /en/hp-redesign
Expires Sun, 06 Apr 2025 14:36:28 GMT
Pragma no-cache
Date Sun, 06 Apr 2025 14:36:28 GMT
Access-Control-Allow-Origin http://www.walmart.ca
Content-Security-Policy-Report-Only child-src 'self' blob:; connect-src 'self' *.bazaarvoice.com *.criteo.com *.developer.walmart.com *.doubleclick.net *.flipp.com *.flippback.com *.flippenterprise.net *.google-analytics.com *.googlesyndication.com *.googletagmanager.com *.perimeterx.net *.px-cdn.net *.px-cloud.net *.pxchk.net *.quantummetric.com *.stylitics.com *.syndigo.cloud *.syndigo.com *.truefitcorp.com/ *.wal.co *.walmart.ca *.walmartimages.ca *.walmartimages.com a02f69a90dstg.blob.core.windows.net ads01.groovinads.com analytics.google.com azmatch.adsrvr.org b.identity.walmart.com beacon-internal.walmart.com beacon.affil.walmart.com beacon.beta-game.walmart.com beacon.beta.walmart.com beacon.classrooms.walmart.com beacon.photos.walmart.com beacon.savingscatcher.walmart.com beacon.stage.walmart.com beacon.super.lider.cl beacon.walmart.ca beacon.walmart.com beacon.www.lider.cl blob: c.bing.com c.sspinc.io c0b535ed7astg.blob.core.windows.net cdn.quantummetric.com chat-qa.walmart.com content.syndigo.com csp.walmart.com developer.api.us2.walmart.com directline.botframework.com drfdisvc.walmart.com dw.wmt.co fcc.flixcart.com fitpredictor-api.sspinc.io gum.criteo.com https://adservice.google.com https://googleads.g.doubleclick.net https://pagead2.googlesyndication.com https://www-qa3.walmart.ca i.liadm.com i6.liadm.com ib.adnxs.com identity.walmart.com idsync.rlcdn.com in3.data.cloud.flipkart.net ingest.quantummetric.com maps.googleapis.com maps.gstatic.com quimby.mobile.walmart.com rl.quantummetric.com salsify-ecdn.com secure.adnxs.com securepubads.g.doubleclick.net spendanalyzer-proxy.dev.walmart.com stats.g.doubleclick.net sync.mathtag.com syndi.webcollage.net t.myvisualiq.net tap.walmart.com tax-app.prod.pgtax.tax.prod.walmart.com td.doubleclick.net tpc.googlesyndication.com tps.doubleverify.com us.creativecdn.com walmart-app.quantummetric.com walmart-sync.quantummetric.com walmart.sspinc.io wm-converse-wss.dev.walmart.com wss://directline.botframework.com wss://wm-converse-wss.dev.walmart.com www.facebook.com www.google.ca www.google.com www.googleadservices.com www.gstatic.com; default-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com *.quantummetric.com *.walmartimages.ca *.walmartimages.com; font-src 'self' *.syndigo.cloud *.syndigo.com *.wal.co *.walmartimages.ca content.syndigo.com fonts.googleapis.com fonts.gstatic.com i5.walmartimages.com syndi.webcollage.net; frame-ancestors 'self' *.walmart.ca preview.cxtools.walmart.com wallet.walmart.ca www.walmart.com; frame-src 'self' *.criteo.com *.doubleclick.net *.flippenterprise.net *.google.com *.googleadservices.com *.googlesyndication.com *.googletagmanager.com *.onetrust.com *.online-metrix.net *.quantummetric.com *.syndigo.cloud *.syndigo.com *.truefitcorp.com/ *.vimeo.com *.walmart.ca *.walmartimages.ca *.walmartimages.com adclick.g.doubleclick.net content.syndigo.com drfdisvc.walmart.com googleads.g.doubleclick.net https://console.googletagservices.com https://securepubads.g.doubleclick.net https://www.youtube.com/ https://youtu.be identity.walmart.com pagead2.googlesyndication.com salsify-ecdn.com syndi.webcollage.net tap.walmart.com tpc.googlesyndication.com vimeo.com wallet.walmart.ca wallet.walmart.com www.facebook.com www.google.com www.recaptcha.net; img-src 'self' *.bazaarvoice.com *.criteo.com *.doubleclick.net *.doubleverify.com *.flippenterprise.net *.google-analytics.com *.google.ca *.google.com *.googleadservices.com *.googlesyndication.com *.googletagmanager.com *.imrworldwide.com *.online-metrix.net *.px-cdn.net *.px-cloud.net *.stylitics.com *.syndigo.cloud *.syndigo.com *.wal.co *.walmartimages.ca *.walmartimages.com *.wishabi.com *.wishabi.net *.youtube.com 1d81e75c4337a6e2e3c2-4a69748413de5fcbd7a7a944817c2356.ssl.cf1.rackcdn.com 3d-qc.walmartimages.com 3d.walmartimages.com a02f69a90dstg.blob.core.windows.net ad.doubleclick.net ads01.groovinads.com advertising.walmart.com analytics.google.com azmatch.adsrvr.org b.identity.walmart.com beacon-internal.walmart.com beacon-wmt.walmart.com beacon.affil.walmart.com beacon.beta-game.walmart.com beacon.beta.walmart.com beacon.classrooms.walmart.com beacon.photos.walmart.com beacon.savingscatcher.walmart.com beacon.stage.walmart.com beacon.super.lider.cl beacon.walmart.ca beacon.walmart.com beacon.www.lider.cl blob: c.bing.com c0b535ed7astg.blob.core.windows.net cdn.doubleverify.com content.syndigo.com crs.midas.stg.prod.us.walmart.net crtormassetmguseprod.blob.core.windows.net cyborg-wm-auth-service-v2.jet.com data: drfdisvc.walmart.com dw.wmt.co fcc.flixcart.com google.com googleads.g.doubleclick.net gum.criteo.com i.liadm.com i6.liadm.com ib.adnxs.com idsync.rlcdn.com in3.data.cloud.flipkart.net ir.surveywall-api.survata.com maps.googleapis.com maps.gstatic.com pixel.adsafeprotected.com receipts-query-wm-stg0.edge.walmart.com receipts-query.edge.walmart.com res.cloudinary.com s0.2mdn.net secure.adnxs.com securepubads.g.doubleclick.net static.adsafeprotected.com sync.mathtag.com syndi.webcollage.net t.myvisualiq.net tap.walmart.com tpc.googlesyndication.com us.creativecdn.com wrd.walmart.com www.facebook.com www.gstatic.com www.walmart.com; manifest-src 'self'; media-src 'self' *.akamaized.net *.syndigo.cloud *.syndigo.com *.vimeo.com *.vimeocdn.com *.walmartimages.ca *.walmartimages.com 1d81e75c4337a6e2e3c2-4a69748413de5fcbd7a7a944817c2356.ssl.cf1.rackcdn.com a.sellpoint.net advertising.walmart.com akamai.ksckreate.net ca-media.contentanalyticsinc.com cc.cnetcontent.com cdn-azure.kwikee.com cdn.cnetcontent.com content.syndigo.com cyborg-wm-auth-service-v2.jet.com images.salsify.com syndi.webcollage.net vimeo.com; object-src drfdisvc.walmart.com; script-src 'self' 'strict-dynamic' 'unsafe-eval' *.criteo.com *.developer.walmart.com *.doubleclick.net *.flippback.com *.flippenterprise.net *.google-analytics.com *.google.com *.googleadservices.com *.googletagmanager.com *.px-cloud.net *.syndigo.cloud *.syndigo.com *.truefitcorp.com/ *.wal.co *.walmart.ca *.walmartimages.ca b.identity.walmart.com beacon.super.lider.cl beacon.walmart.ca beacon.walmart.com beacon.www.lider.cl blob: cdn.quantummetric.com connect.facebook.net drfdisvc.walmart.com googleads.g.doubleclick.net i5.walmartimages.com syndi.webcollage.net www.recaptcha.net 'nonce-mXZoeAqqv44zk2Rg'; style-src 'self' 'unsafe-inline' *.flippenterprise.net *.stylitics.com *.syndigo.cloud *.syndigo.com *.wal.co *.walmart.ca *.walmartimages.ca *.walmartimages.com content.syndigo.com fonts.googleapis.com rl.quantummetric.com syndi.webcollage.net walmart.sspinc.io; worker-src 'self' blob:; report-uri https://csp.walmart.com/c/r/gl
Content-Type text/html; charset=utf-8
X-Frame-Options SAMEORIGIN
Accept-Ch Downlink, DPR
X-Tb-Optimization-Total-Bytes-Saved 0
Accept-Ranges bytes
X-Wcp-Req-Tenantid qxjed8
X-Edgeconnect-Midmile-Rtt 78
Vary Accept-Encoding
Set-Cookie auth=MTAyOTYyMDE4LtMF3nO%2Fbmmw0AWFOvUl7Gp67nT2GZdWIVBaqeMwzfEbNwwiebIMisU22hiGjW9mWDGcJCUoy4bzHv87irHAazl9qH%2BD5w31Jv2YKsqNopkWwZFzu%2FKRPsae6TVJun8kj8OFN4dileb20bpDLeCIlSFd%2FHsc7bnSe4%2BTLU2zbj2I%2BqmbZjbocBmI%2FvFzb4hZ4QoDh9ff9YgMSTEJ8v3XQpe7ZIGVwQ8g0N3BqY9Ovd%2BWRXS%2FVM7dhoO5fDBksK28pGd2w9VMvEOMsmi01MtA%2F%2BLcn%2F%2Bhai5tcI0h1xdB27CAYI9z3PV94PjxS%2FZ9uupiobAa1sTAK4h1mVE%2Bapq82UiL2ofDrH4GMZTsXOK9KeNOBxa%2FrC5M3O89B3nmYLpRNbTKp3ZNLMmNDOcdgph65yCFU7YNy%2B%2B7Og%2FK1CpgYd8%3D; Max-Age=1800; Path=/; HttpOnly; Secure; SameSite=Lax
Traceparent 00-fa6412ea9d85a3eecf554f8ec9e3b3a0-a10e348a7835813a-00
X-Tb 1
X-Wcp-Orgreq-Path /en
X-Wcp-Backend-Host journey.ca-glass.k8s.prod.walmart.com
X-Edgeconnect-Origin-Mex-Latency 2229
Strict-Transport-Security max-age=86400
Last-Modified Sun, 06 Apr 2025 14:36:28 GMT

About the tool

By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.

This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.

We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.

Watch it now at TrustRadar