Cache-Control | private |
Content-Type | text/html; charset=utf-8 |
Content-Encoding | gzip |
Vary | Accept-Encoding,Accept-Encoding |
Strict-Transport-Security | max-age=31536000 |
X-Frame-Options | SAMEORIGIN, SAMEORIGIN |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1;mode=block |
Content-Security-Policy | script-src 'self' www.google.com www.google-analytics.com ajax.googleapis.com az732725.vo.msecnd.net bam.nr-data.net 'unsafe-inline' 'unsafe-eval';style-src 'self' az732725.vo.msecnd.net fonts.googleapis.com 'unsafe-inline';img-src 'self' az732725.vo.msecnd.net www.google-analytics.com www.google.com data:;object-src 'self' |
X-Content-Security-Policy | script-src 'self' www.google.com www.google-analytics.com ajax.googleapis.com az732725.vo.msecnd.net bam.nr-data.net 'unsafe-inline' 'unsafe-eval';style-src 'self' az732725.vo.msecnd.net fonts.googleapis.com 'unsafe-inline';img-src 'self' az732725.vo.msecnd.net www.google-analytics.com www.google.com data:;object-src 'self' |
X-Webkit-CSP | script-src 'self' www.google.com www.google-analytics.com ajax.googleapis.com az732725.vo.msecnd.net bam.nr-data.net 'unsafe-inline' 'unsafe-eval';style-src 'self' az732725.vo.msecnd.net fonts.googleapis.com 'unsafe-inline';img-src 'self' az732725.vo.msecnd.net www.google-analytics.com www.google.com data:;object-src 'self' |