HTTP/1.1 200 OK
Date: Thu, 08 Apr 2021 01:43:48 GMT
Server: CSIRO
Link: <https://www.cawcr.gov.au/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15768000; includeSubdomains;
Content-Security-Policy: default-src 'self' *.csiro.au;                         base-uri 'self';                         connect-src 'self' *.csiro.au yoast.com *.google-analytics.com *.googleapis.com *.doubleclick.net vimeo.com *.youtube.com *.tableau.com *.zdassets.com *.zendesk.com;                         script-src 'unsafe-eval' 'unsafe-inline' 'self' data: *.csiro.au *.jquery.com *.aspnetcdn.com *.googletagmanager.com *.twitter.com *.twimg.com *.instagram.com *.list-manage.com *.fontawesome.com cdn.jsdelivr.net oss.maxcdn.com *.wp.com *.w.org secure.gravatar.com *.google-analytics.com *.cloudfront.net sw.js apis.google.com *.googleapis.com cdnjs.cloudflare.com https://www.google.com *.gstatic.com *.vimeo.com *.youtube.com https://connect.facebook.net *.whooshka.com *.amazonaws.com *.tableau.com *.zdassets.com *.altmetric.com;                         style-src 'unsafe-inline' 'self' data: *.csiro.au *.wp.com *.w.org fonts.googleapis.com *.google-analytics.com *.twitter.com *.instagram.com secure.gravatar.com *.gstatic.com maxcdn.bootstrapcdn.com *.fontawesome.com *.mailchimp.com s3.amazonaws.com *.cloudfront.net *.whooshka.com *.tableau.com;                         img-src 'self' data: *.csiro.au *.w.org *.fbcdn.net *.instagram.com *.google-analytics.com *.googleusercontent.com *.cdninstagram.com *.facebook.com *.twimg.com *.doubleclick.net *.google-analytcs.com *.twitter.com *.instagram.com *.wp.com *.w.org *.googleapis.com secure.gravatar.com *.gstatic.com *.whooshka.com *.altmetric.com *.cloudfront.net;                         font-src 'self' data: *.fontawesome.com *.csiro.au wordpress.com *.wp.com fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com;                         media-src 'self' *.csiro.au *.vimeo.com *.youtube.com; 			child-src 'self' widgets.wp.com *.kaltura.com youtube.com *.google.com jetpack.wordpress.com akismet.com *.twitter.com *.instagram.com *.spotify.com *.youtube.com *.tableau.com *.facebook.com *.vimeo.com *.whooshkaa.com *.mailchimp.com;                         frame-ancestors 'self' *.tableau.com;                         form-action 'self' *.csiro.au *.google.com akismet.com *.twitter.com *.facebook.com;                         plugin-types application/x-java-applet application/pdf;
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
X-Permitted-Cross-Domain: master-only
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8