Content-Type | text/html; charset=utf-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Cache-Control | public, max-age=7159 |
Expires | Mon, 19 Feb 2018 08:45:44 GMT |
Vary | * |
Content-Security-Policy | default-src 'none';block-all-mixed-content;base-uri 'self';connect-src 'self' checkout.stripe.com qrng.anu.edu.au stats.g.doubleclick.net wss://*.zopim.com www.facebook.com www.paypal.com;font-src 'self' data: cdn1.randomdraws.com cdn2.randomdraws.com www.randomdraws.com fonts.gstatic.com v2.zopim.com;frame-ancestors 'self';form-action 'self' www.facebook.com;frame-src 'self' accounts.google.com www.google.com bid.g.doubleclick.net checkout.stripe.com content.googleapis.com tpc.googlesyndication.com www.facebook.com www.paypal.com www.youtube.com;img-src 'self' data: *.googleusercontent.com *.ytimg.com cdn1.randomdraws.com cdn2.randomdraws.com www.randomdraws.com bat.bing.com csi.gstatic.com ssl.gstatic.com www.gstatic.com googleads.g.doubleclick.net stats.g.doubleclick.net fonts.googleapis.com in.getclicky.com q.stripe.com v2.zopim.com www.facebook.com www.google.ca www.google.co.nz www.google.co.th www.google.co.uk www.google.com www.google.com.au www.google.fr www.google-analytics.com www.googleadservices.com www.paypal.com www.paypalobjects.com;manifest-src 'self' cdn1.randomdraws.com cdn2.randomdraws.com www.randomdraws.com;media-src v2.zopim.com;object-src 'self';plugin-types application/pdf;script-src 'self' *.zopim.com cdn1.randomdraws.com cdn2.randomdraws.com www.randomdraws.com apis.google.com plus.google.com bat.bing.com cdn.ywxi.net checkout.stripe.com connect.facebook.net googleads.g.doubleclick.net/pagead/conversion_async.js googleads.g.doubleclick.net/pagead/viewthroughconversion/ in.getclicky.com static.getclicky.com s.ytimg.com/yts/jsbin/ tpc.googlesyndication.com www.google.com/js/bg/ www.google.com/recaptcha/ www.google.com.au/ads/user-lists/ www.google-analytics.com www.googleadservices.com/pagead/ www.gstatic.com/recaptcha/ www.paypal.com www.paypalobjects.com www.youtube.com/iframe_api www.youtube.com/yts/jsbin/;style-src 'self' 'unsafe-inline' cdn1.randomdraws.com cdn2.randomdraws.com www.randomdraws.com fonts.googleapis.com;report-uri /error/csp/ |
Referrer-Policy | origin-when-cross-origin,strict-origin-when-cross-origin |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-XSS-Protection | 1;mode=block |
Strict-Transport-Security | max-age=15552000; includeSubDomains; preload |
Expect-CT | max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" |
Server | cloudflare |
CF-RAY | 3ef744d578463fb3-YUL |
Content-Encoding | gzip |