Content-Encoding | gzip |
X-Frame-Options | DENY |
Referrer-Policy | no-referrer-when-downgrade |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1; mode=block |
Strict-Transport-Security | max-age=15768000 |
Content-Security-Policy-Report-Only | report-uri /api/v1/csp/violation; script-src 'self' https://widget.trustpilot.com https://cdn.segment.com https://*.typekit.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.mxpnl.com https://*.fullstory.com https://fullstory.com https://connect.facebook.net https://ajax.googleapis.com https://js.stripe.com https://bat.bing.com https://cdn.divido.com https://www.googleadservices.com 'unsafe-inline' 'unsafe-eval'; plugin-types application/pdf; frame-ancestors 'none'; child-src https://*.doubleclick.net https://js.stripe.com; font-src 'self' https://*.typekit.net https://fonts.gstatic.com; base-uri 'none'; connect-src 'self' https://www.google-analytics.com https://*.doubleclick.net https://api.mixpanel.com https://*.fullstory.com https://*.typekit.net https://api.segment.io https://cdn.divido.com; form-action 'self'; style-src 'self' https://*.cloudfront.net https://fonts.googleapis.com 'unsafe-inline'; object-src 'self'; default-src 'none'; img-src https: |
Cache-Control | max-age=300 |
Last-Modified | Wed, 31 Jan 2018 09:43:24 GMT |
ETag | "120201614b997660" |
Accept-Ranges | bytes |
Content-Type | text/html; charset=UTF-8 |
Via | 1.1 google |
Alt-Svc | clear |
Transfer-Encoding | chunked |