X-Frame-Options | Deny |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-XSS-Protection | 1; mode=block |
X-Content-Type-Options | nosniff |
Content-Security-Policy | connect-src 'self'; default-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' *.facebook.com; img-src 'self' *.facebook.com *.google-analytics.com data:; media-src 'self'; object-src 'self' 'unsafe-eval'; script-src 'self' *.facebook.net *.google-analytics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' |
Accept-Ranges | bytes |
Cache-Control | public, max-age=0 |
Last-Modified | Mon, 21 Mar 2016 11:42:19 GMT |
ETag | W/"4744-15398fb9b34" |
Content-Type | text/html; charset=UTF-8 |
Vary | Accept-Encoding |
Content-Encoding | gzip |
Connection | keep-alive |
Transfer-Encoding | chunked |