Server | Apache/2.4.27 |
Strict-Transport-Security | max-age=3600; includeSubDomains; preload |
Upgrade | h2 |
Connection | Upgrade, Keep-Alive |
Last-Modified | Thu, 01 Feb 2018 08:16:08 GMT |
Accept-Ranges | bytes |
Cache-Control | no-cache, no-store, must-revalidate |
Expires | Fri, 23 Feb 2018 00:14:03 GMT |
Access-Control-Allow-Origin | * |
Content-Security-Policy | default-src 'self'; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com; img-src 'self' data: *.google-analytics.com *.gstatic.com *.googleapis.com *.doubleclick.net *.google.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googleadservices.com *.doubleclick.net *.fontdeck.com; font-src 'self' *.fontdeck.com *.gstatic.com |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1; mode=block |
Pragma | no-cache |
Content-Encoding | gzip |
Keep-Alive | timeout=5, max=100 |
Content-Type | text/html; charset=UTF-8 |