Cache-Control | no-cache, no-store |
Pragma | no-cache |
Content-Type | text/html; charset=utf-8 |
Content-Encoding | gzip |
Expires | -1 |
Vary | Accept-Encoding |
Server | |
Content-Security-Policy-Report-Only | default-src *; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.msecnd.net https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://s3.amazonaws.com https://script.crazyegg.com; style-src 'self' data: 'unsafe-inline'; img-src * data:; font-src * 'self' data:; child-src 'self' www.google.com sdn.sitecore.net *.vimeo.com www.youtube.com samsungtvapps.co.uk; frame-ancestors 'self'; report-uri https://3chillies.report-uri.io/r/default/csp/reportOnly; |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Access-Control-Allow-Origin | * |
Access-Control-Allow-Methods | POST, GET, OPTIONS |
Access-Control-Allow-Headers | Content-Type, Accept |
Connection | close |
X-Iinfo | 9-10438704-10438706 NNNN CT(86 88 0) RT(1519287516907 11) q(0 0 1 -1) r(3 3) U5 |
X-CDN | Incapsula |