Cache-Control | no-cache |
X-Content-Type-Options | nosniff |
Strict-Transport-Security | max-age=2592000; includeSubDomains |
X-Frame-Options | SAMEORIGIN |
Content-Security-Policy | default-src 'self' blob: content.jwplatform.com *.jwpsrv.com *.jwpcdn.com; script-src 'self' https: blob: ajax.googleapis.com 'unsafe-inline' 'unsafe-eval' content.jwplatform.com *.jwpcdn.com jwpltx.com; style-src 'self' https fast.fonts.com 'unsafe-inline'; img-src 'self' data: www.google.com https://www.gravatar.com content.jwplatform.com *.jwpcdn.com jwpltx.com assets-jpcust.jwpsrv.com img.youtube.com www.youtube.com i.ytimg.com; media-src * 'self' blob: blob; frame-src 'self' docs.google.com www.youtube.com; font-src 'self' https fast.fonts.com netdna.bootstrapcdn.com ssl.p.jwpcdn.com assets-jpcust.jwpsrv.com |
Content-Encoding | gzip |
Vary | Accept-Encoding,User-Agent |
Connection | keep-alive, close |
Content-Type | text/html; charset=UTF-8 |