Content-Type | text/html; charset=utf-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Status | 200 OK |
Cache-Control | max-age=0, private, must-revalidate |
Vary | Accept-Encoding |
Strict-Transport-Security | max-age=15552000; includeSubDomains; preload |
Referrer-Policy | origin-when-cross-origin |
X-Permitted-Cross-Domain-Policies | none |
X-XSS-Protection | 1; mode=block |
X-Request-Id | 4d870f3f-5a98-49de-a570-af401ecfeaf4 |
X-Download-Options | noopen |
X-Runtime | 0.023023 |
X-Frame-Options | SAMEORIGIN |
X-Content-Type-Options | nosniff |
Content-Security-Policy | default-src https: 'self' https://www.fantasytote.com; base-uri 'self'; block-all-mixed-content; child-src 'self' https://www.google.com https://facebook.com https://test.oppwa.com https://beacon.tapfiliate.com https://b.frstre.com https://fantasytote.formstack.com https://oppwa.com https://test.ppipe.net https://ppipe.net https://fast.wistia.com https://www.fantasytote.com; connect-src wss: https://fg8vvsvnieiv3ej16jby.litix.io https://fullstory.com https://rs.fullstory.com https://r.fullstory.com https://www.facebook.com https://embedwistia-a.akamaihd.net https://app.getsitecontrol.com https://embed-ssl.wistia.com https://distillery.wistia.com https://api.airbrake.io https://pipedream.wistia.com https://test.oppwa.com https://oppwa.com https://*.intercom.io https://www.fantasytote.com; font-src 'self' data: https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://assets.fantasytote.com https://assets.myfantasybet.com https://js.intercomcdn.com https://netdna.bootstrapcdn.com https://fonts.gstatic.com https://www.fantasytote.com; form-action 'self' https://www.fantasytote.com https://www.facebook.com https://www.myfantasybet.com https://test.oppwa.com https://oppwa.com https://fantasytote.formstack.com; frame-ancestors 'self'; img-src 'self' https://static.intercomassets.com https://facebook.com https://assets.fantasytote.com https://assets.myfantasybet.com https://www.facebook.com https://www.google.com https://s3-eu-west-1.amazonaws.com https://fg8vvsvnieiv3ej16jby.litix.io https://www.google-analytics.com https://s3-eu-west-1.amazonaws.com/staticassetsfantasytote https://code.jquery.com https://www.formstack.com https://static.formstack.com https://fantasytote.formstack.com https://www.paypalobjects.com https://test.oppwa.com https://oppwa.com https://fast.wistia.com https://embedwistia-a.akamaihd.net https://*.s3.amazonaws.com https://*.intercomcdn.com https://*.getsitecontrol.com https://*.newrelic.com https://www.fantasytote.com https://www.myfantasybet.com data:; media-src https://www.fantasytote.com https://www.myfantasybet.com https://js.intercomcdn.com https://embedwistia-a.akamaihd.net data: blob:; object-src 'self' https://www.fantasytote.com; script-src 'self' https://collector.leaddyno.com https://ajax.cloudflare.com https://static.leaddyno.com https://assets.fantasytote.com https://assets.myfantasybet.com https://static.tapfiliate.com https://fast.wistia.net https://test.oppwa.com https://fullstory.com https://connect.facebook.net https://oppwa.com https://www.fantasytote.com https://www.myfantasybet.com https://netdna.bootstrapcdn.com https://src.litix.io 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://ajax.googleapis.com https://static.formstack.com https://maxcdn.bootstrapcdn.com https://www.google.com https://cdn.datatables.net https://cdn.ravenjs.com https://code.jquery.com https://cdnjs.cloudflare.com https://fantasytote.formstack.com https://fast.wistia.com https://*.newrelic.com https://*.getsitecontrol.com https://www.google-analytics.com https://widget.intercom.io https://js.intercomcdn.com https://*.kxcdn.com https://bam.nr-data.net; style-src 'self' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://assets.fantasytote.com https://assets.myfantasybet.com https://netdna.bootstrapcdn.com https://code.jquery.com https://test.oppwa.com https://oppwa.com 'unsafe-inline' https://cdn.datatables.net https://static.formstack.com https://fonts.googleapis.com https://www.fantasytote.com https://www.myfantasybet.com; upgrade-insecure-requests; report-uri https://128667ac1a7f09f5156b5c0d389d670d.report-uri.io/r/default/csp/enforce |
X-Powered-By | Phusion Passenger 5.1.11 |
Access-Control-Allow-Methods | * |
Access-Control-Allow-Headers | Access-Control-Allow-Origin |
Access-Control-Allow-Credentials | false |
Expect-CT | max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" |
Server | cloudflare |
CF-RAY | 3f2e0a3acd2d3f7d-YUL |
Content-Encoding | gzip |