Server | Apache |
Cache-Control | private, must-revalidate |
Expires | Sun, 04 Feb 2018 09:30:52 GMT |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1; mode=block |
X-Frame-Options | SAMEORIGIN |
Referrer-Policy | no-referrer-when-downgrade |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
Content-Security-Policy | script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com *.google-analytics.com *.googletagmanager.com tagmanager.google.com www.googletagmanager.com *.youtube.com *.ytimg.com seal.godaddy.com *.disqus.com *.hotjar.com *.tawk.to cdn.jsdelivr.net *.addtoany.com *.aviary.com *.cloudfront.net ssl.p.jwpcdn.com vimeo.com player.vimeo.com *.instagram.com *.twitter.com *.facebook.com jobs.jobvite.com *.calls.net *.tctm.co analytics.staticiv.com connect.facebook.net s.ytimg.com pixel.mathtag.com adserve.atedra.com sync.adaptv.advertising.com ad.360yield.com cs.adingo.jp ad.sxp.smartclip.net eb2.3lift.com connect.facebook.net/en_US/fbevents.js |
Public-Key-Pins | pin-sha256="cNLoAOHw/7zHDbKZyJ5PzZwWbXoNV4IWalzs8onVAT4="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="grX4Ta9HpZx6tSHkmCrvpApTQGo67CYDnvprLg5yRME="; max-age=2592000 |
Vary | Accept-Encoding |
Content-Encoding | gzip |
Keep-Alive | timeout=15, max=768 |
Connection | Keep-Alive |
Content-Type | text/html; charset=UTF-8 |