woolworthsinsurance.com.au | Analytics by SecurityHeaders

HTTP Headers report for woolworthsinsurance.com.au

Header Name Header Data
HTTP status code 200
Date Sat, 19 Apr 2025 04:48:41 GMT
Vary Accept-Encoding
X-Timer S1745038121.038084,VS0,VS0,VE103
Content-Type text/html;charset=utf-8
X-Vhost https://insurance.everyday.com.au
Accept-Ranges bytes
X-Akamai-Transformed 9 18110 0 pmb=mRUM,2
Cache-Control max-age=300
Expires Sat, 19 Apr 2025 04:53:41 GMT
Server-Timing cdn-cache; desc=REVALIDATE
Referrer-Policy strict-origin
X-Frame-Options SAMEORIGIN
X-Content-Type-Options nosniff
X-Served-By cache-qpg120084-QPG
Connection keep-alive
Set-Cookie affinity="20bfdbbc3170ace1"; Path=/; HttpOnly; secure
Strict-Transport-Security max-age=86400 ; includeSubDomains
Content-Security-Policy default-src 'self'; script-src 'report-sample' 'self' 'unsafe-inline' https://chatwidget.woolworths.com.au https://storage.googleapis.com/inbenta-insurance-website/dist/inbenta-conf_new.min.js https://storage.googleapis.com/inbenta-insurance-website/dist/inbenta-conf__myinsuranceportal_new.min.js *.adobeaemcloud.com.seg.js *.cdnjs.cloudflare.com *.go-mpulse.net *.inbenta.com *.quickstream.support.qvalent.com *.woolworths.com.au api.inbenta.io api.quickstream.westpac.com.au api.sandbox.wpay2.gr4vy.app assets.adobedtm.com cdnjs.cloudflare.com collector-3418.tvsquared.com connect.facebook.net d.impactradius-event.com edge.quantserve.com euob.cityrobotflower.com gateway.zscalertwo.net googleads.g.doubleclick.net h.online-metrix.net js-cdn.dynatrace.com maps.googleapis.com nebula-cdn.kampyle.com obseu.cityrobotflower.com quickweb.westpac.com.au rules.quantcount.com s.go-mpulse.net sdk.inbenta.io secure.quantserve.com tags.tiqcdn.com visitor-service-ap-southeast-2.tealiumiq.com visitor-service.tealiumiq.com woolworthsfoodgroup.sc.omtrdc.net www.google-analytics.com www.googletagmanager.com www.youtube.com api.wpay2.gr4vy.app bf97804kct.bf.dynatrace.com *.inbenta.services js.hcaptcha.com nebula-cdn.kampyle.com edge.fullstory.com md-scp.kampyle.com cdn-f.gr4vy.com cdn1.adoberesources.net applepay.cdn-apple.com pay.google.com analytics.tiktok.com js.humanablecx.com www.googleadservices.com ; style-src 'report-sample' 'self' 'unsafe-inline' https://chatwidget.woolworths.com.au sdk.inbenta.io *.inbenta.services nebula-cdn.kampyle.com md-scp.kampyle.com fonts.googleapis.com ; object-src 'none'; base-uri 'self'; connect-src 'self' https://chatwidget.woolworths.com.au https://storage.googleapis.com *.akamaihd.net *.akstat.io *.everyday.com.au *.everydaytravelinsurance.com.au *.go-mpulse.net *.woolworths.com.au *.woolworthsrewards.com.au api-gca01.inbenta.io api.inbenta.io api.wpay2.gr4vy.app api.sandbox.wpay2.gr4vy.app capi.wpay.com.au collect-ap-southeast-2.tealiumiq.com dpm.demdex.net maps.googleapis.com obseu.cityrobotflower.com quickweb.westpac.com.au pixel.quantcount.com udc-neb.kampyle.com woolworthsfoodgroup.sc.omtrdc.net woolworthsfoodgroup.tt.omtrdc.net www.google-analytics.com bf97804kct.bf.dynatrace.com *.inbenta.services nebula-cdn.kampyle.com md-scp.kampyle.com edge.fullstory.com rs.fullstory.com woolworthsinsurance.pxf.io d.impct.site analytics-fe.digital-cloud-syd1.medallia.com.au cdn-f.gr4vy.com *.vchat.com.au adobedc.demdex.net *.vetchat.com.au edge.adobedc.net google.com analytics.tiktok.com www.google.com analytics.humanablecx.com ; font-src 'self' cdn.inbenta.io sdk.inbenta.io nebula-cdn.kampyle.com applepay.cdn-apple.com assets.humanablecx.com ; frame-src 'self' https://chatwidget.woolworths.com.au https://storage.googleapis.com *.everyday.com.au *.fls.doubleclick.net *.quickstream.support.qvalent.com *.woolworths.com.au ad.doubleclick.net api.quickstream.westpac.com.au gateway.zscalertwo.net iframe.nonprod.payments.woolworths.com.au quickstream.support.qvalent.com quickweb.westpac.com.au secure-fields.sandbox.wpay2.gr4vy.app secure-fields.wpay2.gr4vy.app click-to-pay.sandbox.wpay2.gr4vy.app td.doubleclick.net wfg.demdex.net www.youtube.com youtube.com newassets.hcaptcha.com nebula-cdn.kampyle.com *.woolworthsrewards.com.au cdn-f.gr4vy.com click-to-pay.wpay2.gr4vy.app *.vchat.com.au *.vetchat.com.au applepay.cdn-apple.com pay.google.com ; img-src 'self' data: *.akstat.io ad.doubleclick.net api.quickstream.westpac.com.au collect-ap-southeast-2.tealiumiq.com collector-3418.tvsquared.com dev2-insurance.woolworths.com.au iframe.nonprod.payments.woolworths.com.au logs-01.loggly.com obseu.cityrobotflower.com quickweb.westpac.com.au pixel.quantserve.com s7ap1.scene7.com secure-fields.sandbox.wpay2.gr4vy.app secure-fields.wpay2.gr4vy.app udc-neb.kampyle.com woolworthsfoodgroup.sc.omtrdc.net www.facebook.com www.google-analytics.com www.google.com.au www.google.com www.googletagmanager.com nebula-cdn.kampyle.com udc-neb.kampyle.com md-scp.kampyle.com cdn-f.gr4vy.com www.gstatic.com www.googleadservices.com assets.humanablecx.com googleads.g.doubleclick.net ; manifest-src 'self'; media-src 'self' assets.humanablecx.com s7ap1.scene7.com; worker-src 'none';

About the tool

By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.

This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.

We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.

Watch it now at TrustRadar