Cache-Control | private, max-age=600 |
Transfer-Encoding | chunked |
Content-Type | text/html; charset=utf-8 |
Content-Encoding | gzip |
Expires | Mon, 15 May 2017 11:52:05 GMT |
Last-Modified | Mon, 15 May 2017 11:42:05 GMT |
Vary | Accept-Encoding |
Server | Microsoft-IIS/8.0 |
Content-Security-Policy | default-src googleads.g.doubleclick.net *.google.com;script-src 'self' 'unsafe-inline' data: pagead2.googlesyndication.com storage.googleapis.com googleads.g.doubleclick.net ajax.googleapis.com www.google.com *.googleapis.com www.google-analytics.com ajax.aspnetcdn.com az416426.vo.msecnd.net dc.services.visualstudio.com www.gstatic.com *.google.com;object-src 'self';style-src 'self' 'unsafe-inline';img-src 'self' stats.g.doubleclick.net graph.facebook.com scontent.xx.fbcdn.net data: storage.googleapis.com pagead2.googlesyndication.com www.google-analytics.com;font-src 'self' fonts.googleapis.com;connect-src 'self' pagead2.googlesyndication.com *.googleapis.com az416426.vo.msecnd.net dc.services.visualstudio.com;child-src googleads.g.doubleclick.net www.google.com *.googleapis.com www.gstatic.com *.google.com;form-action 'self' https://accounts.google.com https://*.facebook.com;frame-ancestors 'self';report-uri /WebResource.axd?cspReport=true |
X-Content-Type-Options | nosniff |
X-Download-Options | noopen |
X-Frame-Options | Deny |