Content-Type | text/html |
Transfer-Encoding | chunked |
Connection | keep-alive |
Expires | Thu, 19 Nov 1981 08:52:00 GMT |
Cache-Control | no-store, no-cache, must-revalidate, post-check=0, pre-check=0 |
Pragma | no-cache |
X-Frame-Options | DENY |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1; mode=block |
X-WebKit-CSP | default-src 'self'; child-src *.facebook.com platform.twitter.com *.g.doubleclick.net *.google.com *.google.ca; frame-src *.facebook.com platform.twitter.com *.g.doubleclick.net *.youtube.com *.google.com *.google.ca; connect-src 'self' *:888; font-src 'self' data:; form-action 'self' store.payproglobal.com secure.avangate.com; frame-ancestors 'self'; img-src 'self' data: *.google.com *.google.ca trustzoneurl.com trustzonepost.xyz *.g.doubleclick.net *.facebook.com syndication.twitter.com seal.digicert.com www.google-analytics.com; media-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' google.com a.trust.zone platform.twitter.com connect.facebook.net www.gstatic.com www.googleadservices.com *.google-analytics.com seal.digicert.com; report-uri https://trust.zone/_csp_log |
X-Content-Security-Policy | default-src 'self'; child-src *.facebook.com platform.twitter.com *.g.doubleclick.net *.google.com *.google.ca; frame-src *.facebook.com platform.twitter.com *.g.doubleclick.net *.youtube.com *.google.com *.google.ca; connect-src 'self' *:888; font-src 'self' data:; form-action 'self' store.payproglobal.com secure.avangate.com; frame-ancestors 'self'; img-src 'self' data: *.google.com *.google.ca trustzoneurl.com trustzonepost.xyz *.g.doubleclick.net *.facebook.com syndication.twitter.com seal.digicert.com www.google-analytics.com; media-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' google.com a.trust.zone platform.twitter.com connect.facebook.net www.gstatic.com www.googleadservices.com *.google-analytics.com seal.digicert.com; report-uri https://trust.zone/_csp_log |
Content-Security-Policy | default-src 'self'; child-src *.facebook.com platform.twitter.com *.g.doubleclick.net *.google.com *.google.ca; frame-src *.facebook.com platform.twitter.com *.g.doubleclick.net *.youtube.com *.google.com *.google.ca; connect-src 'self' *:888; font-src 'self' data:; form-action 'self' store.payproglobal.com secure.avangate.com; frame-ancestors 'self'; img-src 'self' data: *.google.com *.google.ca trustzoneurl.com trustzonepost.xyz *.g.doubleclick.net *.facebook.com syndication.twitter.com seal.digicert.com www.google-analytics.com; media-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' google.com a.trust.zone platform.twitter.com connect.facebook.net www.gstatic.com www.googleadservices.com *.google-analytics.com seal.digicert.com; report-uri https://trust.zone/_csp_log |
Strict-Transport-Security | max-age=2592000 |
Expect-CT | max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" |
Server | cloudflare |
CF-RAY | 3fab41662f633f77-YUL |
Content-Encoding | gzip |