Cache-Control | private, max-age=10800, pre-check=10800 |
Content-Type | text/html; charset=UTF-8 |
Content-Encoding | gzip |
Expires | Thu, 19 Nov 1981 08:52:00 GMT |
Last-Modified | Wed, 25 Sep 2013 05:18:00 GMT |
Vary | Accept-Encoding |
X-Powered-By | ASP.NET |
!!Content-Security-Policy | default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.quotepro.com *.processmyquote.com *.jquery.com oss.maxcdn.com stats.g.doubleclick.net *.googleapis.com *.google-analytics.com *.googleadservices.com *.google.com *.cloudflare.com; img-src 'self' data: *.interssl.com *.jquery.com stats.g.doubleclick.net *.google-analytics.com *.googleadservices.com *.google.com *.processmyquote.com; style-src 'self' 'unsafe-inline' *.processmyquote.com *.googleapis.com *.paypal.com *.jquery.com oss.maxcdn.com stats.g.doubleclick.net *.google-analytics.com *.googleadservices.com *.google.com ; child-src 'self' *.quotepro.com *.jquery.com *.processmyquote.com *.google-analytics.com *.googleadservices.com *.google.com *.cloudflare.com; frame-src 'self' *.processmyquote.com aq.processmyquote.com |
11Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
11X-Content-Type-Options | nosniff |
11X-XSS-Protection | 1; mode=block |
NOOOOO!!!!!X-Frame-Options | ALLOW-FROM https://*.quotepro.com/ |
11Expect-CT | enforce; max-age=2764800 |
11Public-Key-Pins | pin-sha256="base64=="; max-age=expireTime [; includeSubDomains][; report-uri="http://www.quotepro.com/report.php"] |
11Referrer-Policy | HI |
Server | Microsoft-IIS/9.0 |