Server | nginx |
Content-Type | text/html; charset=utf-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Status | 200 OK |
Cache-Control | no-cache, no-store, max-age=0, must-revalidate |
Pragma | no-cache |
Expires | Fri, 01 Jan 1990 00:00:00 GMT |
Vary | Accept-Encoding, Origin |
Content-Encoding | gzip |
X-Request-Id | 5906599e-14bc-486d-b8c4-28f737cfafcc |
X-Runtime | 0.167253 |
Content-Security-Policy-Report-Only | default-src 'self'; child-src 'self' www.youtube.com player.vimeo.com staticxx.facebook.com www.facebook.com vars.hotjar.com www.google.com www.google.com.au platform.twitter.com syndication.twitter.com https://web.fremantle.wa.gov.au https://www.google.co.id; connect-src 'self' blob: api.mixpanel.com bam.nr-data.net a.tiles.mapbox.com plus.browsealoud.com insights.hotjar.com syndication.twitter.com/settings s3.amazonaws.com/ehq-production-australia/ s3.amazonaws.com/ehq-production-europe/ s3.amazonaws.com/ehq-production-canada/ s3.amazonaws.com/ehq-production-us-california/ s3-ap-southeast-2.amazonaws.com/ehq-production-australia/ s3.ca-central-1.amazonaws.com/ehq-production-canada/ s3-us-west-1.amazonaws.com/ehq-production-us-california/ s3-eu-west-1.amazonaws.com/ehq-production-europe/ https://www.google-analytics.com https://dpm.demdex.net https://digitalbalance.sc.omtrdc.net; font-src * data:; img-src * data:; media-src 'self' vimeo.com s3.amazonaws.com/btt_videos/; script-src 'self' data: 'unsafe-eval' cdn.jsdelivr.net cdnjs.cloudflare.com ajax.googleapis.com www.browsealoud.com plus.browsealoud.com maxcdn.bootstrapcdn.com www.google-analytics.com ssl.google-analytics.com api.mapbox.com assets.zendesk.com cdn.mxpnl.com cdn.ravenjs.com f1-oc.readspeaker.com epsg.io platform.twitter.com cdn.syndication.twimg.com log.pinterest.com assets.pinterest.com connect.facebook.net www.googletagmanager.com translate.google.com s.ytimg.com www.youtube.com/iframe_api s3-ap-southeast-2.amazonaws.com/ehq-bonfire-production/ d569gmo85shlr.cloudfront.net d2i63gac8idpto.cloudfront.net dksxg5o1pn16c.cloudfront.net d2gu4vothxmtom.cloudfront.net d3b3ehuo35wzeh.cloudfront.net d3sbxpiag177w8.cloudfront.net js-agent.newrelic.com bam.nr-data.net script.hotjar.com static.hotjar.com https://script.crazyegg.com https://bs.serving-sys.com https://cdn.optimizely.com https://secure-ds.serving-sys.com https://assets.adobedtm.com https://www.googleadservices.com; style-src * 'unsafe-inline'; report-uri /platform/csp_reports |
X-XSS-Protection | 1; mode=block |
X-Frame-Options | SAMEORIGIN |
X-Content-Type-Options | nosniff |
Strict-Transport-Security | max-age=7776000 |