| Content-Type | text/html; charset=utf-8 |
| Vary | Accept-Encoding |
| Cache-Control | private, max-age=600 |
| content-security-policy | default-src 'none';script-src 'report-sample' 'self' https://www.google-analytics.com/analytics.js https://code.jquery.com/jquery-2.2.4.min.js https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js; img-src 'self' https://www.google-analytics.com/r/collect https://www.google-analytics.com/collect https://www.gstatic.com/images/; font-src 'self' https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com/bootswatch/3.3.7/fonts/;connect-src 'self';style-src 'report-sample' 'self' https://maxcdn.bootstrapcdn.com/bootswatch/3.3.7/superhero/bootstrap.min.css https://fonts.googleapis.com;frame-ancestors 'none'; base-uri 'self'; form-action 'self'; report-uri https://app.getsentry.com/api/61840/csp-report/?sentry_version=5&sentry_key=fa6dfb4b9f18472ea63004645f521c17 |
| X-XSS-Protection | 1; mode=block |
| X-Frame-Options | DENY |
| X-Content-Type-Options | nosniff |
| X-Download-Options | noopen |
| Strict-Transport-Security | max-age=15638400; includeSubDomains; preload |
| Public-Key-Pins | pin-sha256="EiuYBovZE7xAPdUW+xuErKaams2YLhZf3/lAIApfa1Y="; pin-sha256="8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8="; pin-sha256="TnJxmEMXaHYX/tUZxO+6yub58m0FSG9yHgTI1DcSDSM="; pin-sha256="C5+lpZ7tcVwmwQIMcRtPbsQtWLABXhQzejna0wHFr8M="; max-age=15638400; includeSubDomains |
| Referrer-Policy | no-referrer, strict-origin-when-cross-origin |
| Content-Encoding | gzip |
| Via | 1.1 google |
| Transfer-Encoding | chunked |