| Server | Apache |
| Cache-Control | private, max-age=10800, pre-check=10800 |
| Last-Modified | Tue, 06 Feb 2018 19:20:34 GMT |
| Vary | Accept-Encoding,User-Agent |
| Content-Encoding | gzip |
| Strict-Transport-Security | max-age=10886400; includeSubDomains; preload |
| X-XSS-Protection | 1; mode=block |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| Public-Key-Pins | pin-sha256="uGS6BryHyqwUpmtO9athvdOwh1ZdySZSe8Oy34kyG4g="; pin-sha256="JRWVeBVjpju4yD/EXkJEWHsnvbMQyGXB6pxtso/cxFc="; pin-sha256="lSqtN6dwHBqe1uOqlikc88l8EYCVFKT6B6Fn/R10XaE="; pin-sha256="k1VdmcuPhxuKBBlU+7lRo8R7ElgwWLVcdF/lu309/VI="; pin-sha256="EskfQgb+D292n2yh0A286/CkG5omOaRB+R4GiMRMzb8="; pin-sha256="B5PQ6z60woVtbvhTda4HV2V2lZuWO/Fs9nPbZh58zNI="; max-age=5184000; |
| Content-Security-Policy | script-src *.midphase.com *.uk2group.com *.google.com *.bing.com *.hotjar.com platform.linkedin.com www.linkedin.com platform.twitter.com *.pingdom.net *.websitealive.com m.addthisedge.com ssl.google-analytics.com *.addthis.com *.trustpilot.com *.cloudfront.net *.visualwebsiteoptimizer.com *.adroll.com *.facebook.net www.googleadservices.com *.qualtrics.com www.google.com apis.google.com www.googletagmanager.com www.google-analytics.com cdn.syndication.twimg.com syndication.twitter.com platform.twitter.com fp.gdmdigital.com connect.facebook.net app.yieldify.com yieldify.com www.gstatic.com *.cloudfront.net tracking.websitealive.com secure.adnxs.com www.youtube.com s.ytimg.com 'self' 'unsafe-inline' 'unsafe-eval'; default-src 'self' *.midphase.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *.midphase.com fonts.gstatic.com maxcdn.bootstrapcdn.com; img-src 'self' *.midphase.com *.uk2group.com *.bing.com www.linkedin.com *.gravatar.com ssl.google-analytics.com *.pingdom.net *.websitealive.com *.adroll.com *.licdn.com *.twimg.com *.bidswitch.net *.rlcdn.com *.licdn.com www.privacytrust.com *.twitter.com *.openx.net *.doubleclick.net *.cloudfront.net *.adnxs.com go.flx1.com pbs.twimg.com platform.twitter.com *.facebook.com csi.gstatic.com syndication.twitter.com s.c.lnkd.licdn.com *.etrust.org *.gstatic.com 55b558c7-resources.bk-partnersasia.com *.visualwebsiteoptimizer.com www.google-analytics.com www.facebook.com www.google.com stats.g.doubleclick.net data:; style-src 'self' *.midphase.com *.twitter.com *.google.com *.pingdom.net *.websitealive.com fonts.googleapis.com maxcdn.bootstrapcdn.com *.cloudfront.net 'unsafe-inline'; frame-src 'self' *.midphase.com *.uk2group.com *.hotjar.com platform.twitter.com *.websitealive.com staticxx.facebook.com *.addthis.com *.trustpilot.com *.google.com www.youtube.com app.yieldify.com accounts.google.com apis.google.com www.facebook.com; connect-src 'self' *.midphase.com m.addthis.com *.pingdom.net *.twitter.com *.hotjar.com wss://ws2.hotjar.com wss://ws4.hotjar.com *.visualwebsiteoptimizer.com geo.yieldify.com; |
| Keep-Alive | timeout=5, max=99 |
| Connection | Keep-Alive |
| Transfer-Encoding | chunked |
| Content-Type | text/html; charset=UTF-8 |