psychology.org.au | Analytics by SecurityHeaders

HTTP Headers report for psychology.org.au

Header Name Header Data
HTTP status code 200
Cache-Control no-cache, no-store, must-revalidate
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ssl.google-analytics.com www.googletagmanager.com www.google-analytics.com maps.googleapis.com ajax.googleapis.com www.google.com www.gstatic.com code.jquery.com connect.facebook.net snap.licdn.com *.hotjar.com js.braintreegateway.com assets.braintreegateway.com static.cloudflareinsights.com player.vimeo.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com code.jquery.com snap.licdn.com static.hotjar.com maxcdn.bootstrapcdn.com; img-src 'self' data: *.google-analytics.com www.google.com www.googletagmanager.com www.google.com.au www.googletagmanager.com.au maps.googleapis.com maps.gstatic.com code.jquery.com www.facebook.com connect.facebook.net px.ads.linkedin.com assets.braintreegateway.com maps.gstatic.com i.vimeocdn.com *.s3.ap-southeast-2.amazonaws.com *.blob.core.windows.net; font-src 'self' data: www.google.com.au *.hotjar.com fonts.gstatic.com; connect-src 'self' *.google-analytics.com *.google.com maps.googleapis.com px.ads.linkedin.com *.hotjar.io wss://ws.hotjar.com api.braintreegateway.com client-analytics.braintreegateway.com *.braintree-api.com; media-src 'self'; object-src 'none'; frame-src 'self' www.google.com www.youtube.com www.googletagmanager.com td.doubleclick.net assets.braintreegateway.com form.psychology.org.au player.vimeo.com vimeo.com maps.google.com cdn.flipsnack.com www.cliniko.com; frame-ancestors 'self';
Cf-Cache-Status DYNAMIC
Connection keep-alive
Pragma no-cache
Set-Cookie CMSPreferredCulture=en-AU; expires=Fri, 17-Apr-2026 10:12:31 GMT; path=/; HttpOnly
Vary Accept-Encoding
X-Ua-Compatible IE=Edge
Content-Type text/html; charset=utf-8
Expires -1
Server cloudflare
Cf-Ray 931b24fe4d1a8072-AMS
Date Thu, 17 Apr 2025 10:12:32 GMT
Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods POST,GET,OPTIONS,PUT,DELETE
X-Content-Type-Options nosniff

About the tool

By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.

This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.

We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.

Watch it now at TrustRadar