Server | nginx/1.6.2 |
Content-Type | text/html; charset=utf-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
X-Powered-By | PHP 5.5.5 |
Content-Security-Policy | default-src 'self' data: * wss://*.hotjar.com:*/* http://*.hotjar.com:*/* https://*.hotjar.com:*/* http://www.youtube.com https://www.youtube.com https://graph.facebook.com/ http://graph.facebook.com/ http://staticxx.facebook.com/ https://staticxx.facebook.com/ https://www.facebook.com http://www.facebook.com data: https://localhost http://localhost https://*.zopim.com http://*.zopim.com https://fonts.gstatic.com http://fonts.gstatic.com https://file.myfontastic.com http://file.myfontastic.com https://*.cloudflare.com http://*.cloudflare.com https://*.googleapis.com http://*.googleapis.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' * wss://ws2.hotjar.com/api/v1/client/ws wss://*.hotjar.com:*/* http://*.hotjar.com:*/* https://*.hotjar.com:*/* https://rec.smartlook.com/recorder.js http://rec.smartlook.com/recorder.js https://cdn.jsdelivr.net http://malsup.github.com http://malsup.github.io https://api.facebook.com http://api.facebook.com https://graph.facebook.com/ http://graph.facebook.com/ http://connect.facebook.net/ https://connect.facebook.net/ https://*.googleapis.com http://*.googleapis.com https://unpkg.com http://unpkg.com https://code.jquery.com http://code.jquery.com https://*.zopim.com http://*.zopim.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://*.hotjar.com http://*.hotjar.com https://cdn.ampproject.org http://cdn.ampproject.org https://npmcdn.com http://npmcdn.com https://*.googleapis.com http://*.googleapis.com https://*.google-analytics.com http://*.google-analytics.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' * https://graylog.hotjar.com:12443/gelf wss://ws2.hotjar.com/api/v1/client/ws wss://*.hotjar.com:*/* http://*.hotjar.com:*/* https://*.hotjar.com:*/* wss://*.zopim.com/* https://writer.smartlook.com https://s2.getsmartlook.com ws://172.16.103.211:3000 ws://localhost:* https://code.jquery.com http://code.jquery.com wss://*.zopim.com https://*.hotjar.com http://*.hotjar.com ws://*.hotjar.com ws://127.0.0.1:35729/ https://localhost:3000 http://localhost:3000 https://*.googleapis.com http://*.googleapis.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' * wss://*.hotjar.com/* http://*.hotjar.com/* https://*.hotjar.com/* https://localhost http://localhost https://*.zopim.com http://*.zopim.com https://fonts.googleapis.com http://fonts.googleapis.com https://file.myfontastic.com http://file.myfontastic.com https://*.cloudflare.com http://*.cloudflare.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' blob: data: * http://*.google-analytics.com/* https://*.google-analytics.com/* wss://*.hotjar.com/* http://*.hotjar.com/* https://*.hotjar.com/* https://www.facebook.com http://www.facebook.com https://localhost http://localhost https://*.fbcdn.net http://*.fbcdn.net https://*.zopim.com http://*.zopim.com https://*.appspot.com http://*.appspot.com https://*.gstatic.com http://*.gstatic.com https://maps.googleapis.com http://maps.googleapis.com 'unsafe-inline' 'unsafe-eval'; report-uri /report-violation |
X-Content-Security-Policy | default-src 'self' data: * wss://*.hotjar.com:*/* http://*.hotjar.com:*/* https://*.hotjar.com:*/* http://www.youtube.com https://www.youtube.com https://graph.facebook.com/ http://graph.facebook.com/ http://staticxx.facebook.com/ https://staticxx.facebook.com/ https://www.facebook.com http://www.facebook.com data: https://localhost http://localhost https://*.zopim.com http://*.zopim.com https://fonts.gstatic.com http://fonts.gstatic.com https://file.myfontastic.com http://file.myfontastic.com https://*.cloudflare.com http://*.cloudflare.com https://*.googleapis.com http://*.googleapis.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' * wss://ws2.hotjar.com/api/v1/client/ws wss://*.hotjar.com:*/* http://*.hotjar.com:*/* https://*.hotjar.com:*/* https://rec.smartlook.com/recorder.js http://rec.smartlook.com/recorder.js https://cdn.jsdelivr.net http://malsup.github.com http://malsup.github.io https://api.facebook.com http://api.facebook.com https://graph.facebook.com/ http://graph.facebook.com/ http://connect.facebook.net/ https://connect.facebook.net/ https://*.googleapis.com http://*.googleapis.com https://unpkg.com http://unpkg.com https://code.jquery.com http://code.jquery.com https://*.zopim.com http://*.zopim.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://*.hotjar.com http://*.hotjar.com https://cdn.ampproject.org http://cdn.ampproject.org https://npmcdn.com http://npmcdn.com https://*.googleapis.com http://*.googleapis.com https://*.google-analytics.com http://*.google-analytics.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' * https://graylog.hotjar.com:12443/gelf wss://ws2.hotjar.com/api/v1/client/ws wss://*.hotjar.com:*/* http://*.hotjar.com:*/* https://*.hotjar.com:*/* wss://*.zopim.com/* https://writer.smartlook.com https://s2.getsmartlook.com ws://172.16.103.211:3000 ws://localhost:* https://code.jquery.com http://code.jquery.com wss://*.zopim.com https://*.hotjar.com http://*.hotjar.com ws://*.hotjar.com ws://127.0.0.1:35729/ https://localhost:3000 http://localhost:3000 https://*.googleapis.com http://*.googleapis.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' * wss://*.hotjar.com/* http://*.hotjar.com/* https://*.hotjar.com/* https://localhost http://localhost https://*.zopim.com http://*.zopim.com https://fonts.googleapis.com http://fonts.googleapis.com https://file.myfontastic.com http://file.myfontastic.com https://*.cloudflare.com http://*.cloudflare.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' blob: data: * http://*.google-analytics.com/* https://*.google-analytics.com/* wss://*.hotjar.com/* http://*.hotjar.com/* https://*.hotjar.com/* https://www.facebook.com http://www.facebook.com https://localhost http://localhost https://*.fbcdn.net http://*.fbcdn.net https://*.zopim.com http://*.zopim.com https://*.appspot.com http://*.appspot.com https://*.gstatic.com http://*.gstatic.com https://maps.googleapis.com http://maps.googleapis.com 'unsafe-inline' 'unsafe-eval'; report-uri /report-violation |
X-WebKit-CSP | default-src 'self' data: * wss://*.hotjar.com:*/* http://*.hotjar.com:*/* https://*.hotjar.com:*/* http://www.youtube.com https://www.youtube.com https://graph.facebook.com/ http://graph.facebook.com/ http://staticxx.facebook.com/ https://staticxx.facebook.com/ https://www.facebook.com http://www.facebook.com data: https://localhost http://localhost https://*.zopim.com http://*.zopim.com https://fonts.gstatic.com http://fonts.gstatic.com https://file.myfontastic.com http://file.myfontastic.com https://*.cloudflare.com http://*.cloudflare.com https://*.googleapis.com http://*.googleapis.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' * wss://ws2.hotjar.com/api/v1/client/ws wss://*.hotjar.com:*/* http://*.hotjar.com:*/* https://*.hotjar.com:*/* https://rec.smartlook.com/recorder.js http://rec.smartlook.com/recorder.js https://cdn.jsdelivr.net http://malsup.github.com http://malsup.github.io https://api.facebook.com http://api.facebook.com https://graph.facebook.com/ http://graph.facebook.com/ http://connect.facebook.net/ https://connect.facebook.net/ https://*.googleapis.com http://*.googleapis.com https://unpkg.com http://unpkg.com https://code.jquery.com http://code.jquery.com https://*.zopim.com http://*.zopim.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://*.hotjar.com http://*.hotjar.com https://cdn.ampproject.org http://cdn.ampproject.org https://npmcdn.com http://npmcdn.com https://*.googleapis.com http://*.googleapis.com https://*.google-analytics.com http://*.google-analytics.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' * https://graylog.hotjar.com:12443/gelf wss://ws2.hotjar.com/api/v1/client/ws wss://*.hotjar.com:*/* http://*.hotjar.com:*/* https://*.hotjar.com:*/* wss://*.zopim.com/* https://writer.smartlook.com https://s2.getsmartlook.com ws://172.16.103.211:3000 ws://localhost:* https://code.jquery.com http://code.jquery.com wss://*.zopim.com https://*.hotjar.com http://*.hotjar.com ws://*.hotjar.com ws://127.0.0.1:35729/ https://localhost:3000 http://localhost:3000 https://*.googleapis.com http://*.googleapis.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' * wss://*.hotjar.com/* http://*.hotjar.com/* https://*.hotjar.com/* https://localhost http://localhost https://*.zopim.com http://*.zopim.com https://fonts.googleapis.com http://fonts.googleapis.com https://file.myfontastic.com http://file.myfontastic.com https://*.cloudflare.com http://*.cloudflare.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' blob: data: * http://*.google-analytics.com/* https://*.google-analytics.com/* wss://*.hotjar.com/* http://*.hotjar.com/* https://*.hotjar.com/* https://www.facebook.com http://www.facebook.com https://localhost http://localhost https://*.fbcdn.net http://*.fbcdn.net https://*.zopim.com http://*.zopim.com https://*.appspot.com http://*.appspot.com https://*.gstatic.com http://*.gstatic.com https://maps.googleapis.com http://maps.googleapis.com 'unsafe-inline' 'unsafe-eval'; report-uri /report-violation |
X-DNS-Prefetch-Control | off |
X-Frame-Options | DENY |
Strict-Transport-Security | max-age=86; includeSubDomains; preload |
X-Download-Options | noopen |
Surrogate-Control | no-store |
Cache-Control | no-store, no-cache, must-revalidate, proxy-revalidate |
Pragma | no-cache |
Expires | 0 |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1 |
X-Protected-By | Sqreen |
ETag | W/"395d-aQFi0vU57pGDRgJVEwHhyQ" |
Vary | Accept-Encoding |
Content-Encoding | gzip |
set-cookie | connect.sid=s%3A25c8f94d-54cf-4809-845a-718c46abac4e.NpwDQi3pKhZra1wE8llPOe4akLxpcUMdp9cfiRf3XJo; Path=/; Expires=Mon, 27 Nov 2017 17:14:14 GMT; HttpOnly |