Server | nginx |
Content-Type | text/html; charset=UTF-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Expires | Thu, 19 Nov 1981 08:52:00 GMT |
Cache-Control | no-store, no-cache, must-revalidate |
Pragma | no-cache |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
X-Content-Type-Options | nosniff |
Content-Security-Policy | default-src 'none'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com https://ajax.googleapis.com https://maxcdn.bootstrapcdn.com https://maps.googleapis.com 'unsafe-inline'; connect-src 'self' https://www.google-analytics.com; style-src 'self' https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com 'unsafe-inline'; img-src 'self' data: https://maps.gstatic.com https://maps.googleapis.com https://csi.gstatic.com https://www.google-analytics.com; font-src 'self' data: https://fonts.gstatic.com https://ajax.googleapis.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://maps.googleapis.com; form-action 'self'; upgrade-insecure-requests; report-uri https://herbertwoods.report-uri.io/r/default/csp/enforce |
MC | POuOZlRdlFNL66Yv0FqsDJ61rW9du2r/Z1+ivmz9YJ6ufR9LWkfQC+nuLWXoeN8E |
Strict-Transport-Security | max-age=31536000; includeSubdomains |
X-UA-Compatible | IE=edge,chrome=1 |
Content-Encoding | gzip |