Content-Security-Policy | connect-src *.mycareersfuture.sg *.app.gov.sg *.cwp-stg.sg https://s3-ap-southeast-1.amazonaws.com; default-src 'self' *.mycareersfuture.sg *.app.gov.sg; font-src https://cdnjs.cloudflare.com *.mycareersfuture.sg *.app.gov.sg fonts.gstatic.com; img-src data: 'self' www.google-analytics.com https://s3-ap-southeast-1.amazonaws.com *.cwp-stg.sg *.onemap.sg/ https://cdnjs.cloudflare.com *.mycareersfuture.sg; script-src *.mycareersfuture.sg *.app.gov.sg www.google-analytics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://cdnjs.cloudflare.com *.mycareersfuture.sg *.app.gov.sg fonts.googleapis.com unpkg.com 'unsafe-inline'; child-src joe853.typeform.com |
X-DNS-Prefetch-Control | off |
X-Frame-Options | SAMEORIGIN |
Strict-Transport-Security | max-age=15552000; includeSubDomains |
X-Download-Options | noopen |
X-Content-Type-Options | nosniff |
Referrer-Policy | no-referrer |
X-XSS-Protection | 1; mode=block |
Content-Type | text/html; charset=utf-8 |
ETag | W/"1682-2UuWjiazrUwLeawgVOmmQk87JwM" |
Vary | Accept-Encoding |
Cache-control | private |
Transfer-Encoding | chunked |