Cache-Control | no-cache, no-store, must-revalidate |
Pragma | no-cache |
Content-Type | text/html; charset=utf-8 |
Content-Encoding | gzip |
Expires | -1 |
Vary | Accept-Encoding |
Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
x-frame-options | SAMEORIGIN |
X-XSS-Protection | 1; mode=block |
Content-Security-Policy | default-src 'none';connect-src 'self' settings.luckyorange.net cloudflare.net;script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com www.google-analytics.com *.googleapis.com code.jquery.com cdnjs.cloudflare.com connect.facebook.net *.cloudfront.net d10lpsik1i8c69.cloudfront.net ajax.aspnetcdn.com aspnet-scripts.telerikstatic.com *.addthis.com *.addthisedge.com *.googletagmanager.com cdn.jsdelivr.net;font-src 'self' cdnjs.cloudflare.com fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.cloudfront.net data:;frame-ancestors 'self';frame-src 'self' www.google.com www.facebook.com *.addthis.com *.youtube.com *.vimeo.com;img-src 'self' www.google.com www.google-analytics.com www.facebook.com *.gstatic.com *.googleapis.com *.cloudfront.net data:;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com maxcdn.bootstrapcdn.com ajax.aspnetcdn.com *.cloudfront.net cdn.jsdelivr.net |
Referrer-Policy | no-referrer |
X-Powered-By | ASP.NET |