Accept-Ranges | bytes |
Cache-Control | max-age=3600 |
Content-Encoding | gzip |
Content-Security-Policy | script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; img-src 'self' https://www.google-analytics.com https://*.doubleclick.net; default-src 'none'; font-src 'self'; connect-src 'self' https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net; style-src 'unsafe-inline' 'self'; media-src 'self'; manifest-src 'self'; report-uri https://5147a3de4e66e209aef908a024509fc5.report-uri.io/r/default/csp/enforce; referrer origin; object-src 'none'; child-src 'self' |
Content-Type | text/html |
ETag | "38a2-526dd11956e20-gzip" |
Expires | Sat, 10 Feb 2018 22:40:49 GMT |
Last-Modified | Mon, 14 Dec 2015 15:10:08 GMT |
Public-Key-Pins | pin-sha256="yunpJ1pnZfBhOiPQu+1MtWdnRLdcgY6KF8lo5gJr6+U="; pin-sha256="2cWux96D851vrzUPVWuUenYJUtcpCrWDAfLafgmM+zw="; pin-sha256="5SOaqAE82FKc7EI7p348PkSSInN8PP+Y/21Mttf1QII="; max-age=5184000; report-uri="https://5147a3de4e66e209aef908a024509fc5.report-uri.io/r/default/hpkp/enforce" |
Server | Apache |
Strict-Transport-Security | max-age=16070400; includeSubDomains; preload |
Vary | Accept-Encoding |
X-Content-Security-Policy | script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; img-src 'self' https://www.google-analytics.com https://*.doubleclick.net; default-src 'none'; font-src 'self'; connect-src 'self' https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net; style-src 'unsafe-inline' 'self'; media-src 'self'; manifest-src 'self'; report-uri https://5147a3de4e66e209aef908a024509fc5.report-uri.io/r/default/csp/enforce; referrer origin; object-src 'none'; child-src 'self' |
X-Content-Type-Options | nosniff |
X-Frame-Options | deny |
X-XSS-Protection | 1; mode=block |
Connection | keep-alive |