Content-Type | text/html; charset=UTF-8 |
X-Frame-Options | SAMEORIGIN |
Content-Security-Policy | default-src 'self' ; img-src 'self' https://lastpass.com data: https://rs.gwallet.com https://*.adnxs.com/ https://*.doubleclick.net https://*.adroll.com https://*.google-analytics.com https://www.google.com https://www.facebook.com/tr https://seg.sharethis.com https://t.co/i/adsct https://analytics.twitter.com/i/adsct https://img.youtube.com https://adfarm.mediaplex.com/ad/bk/ https://*.rfihub.com/ https://a.company-target.com/ https://www07.clicktale.net/; object-src 'self' http://*.googlevideo.com http://*.youtube.com https://*.youtube.com http://*.ytimg.com https://*.ytimg.com http://www.google.com http://youtube.googleapis.com; connect-src 'self' https://lastpass.com wss://*.lastpass.com https://5399020466.log.optimizely.com https://pollserver.lastpass.com https://loglogin.lastpass.com ; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://lastpass.com ; plugin-types application/x-invalid-type ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://lastpass.com https://www.youtube.com https://*.ytimg.com https://*.optimizely.com https://cdnssl.clicktale.net/www07/ptc/81e94ea3-750e-420b-a64c-fd410afa1a00.js https://cdnssl.clicktale.net/www/tc/WRf4.js https://scripts.demandbase.com/7d5L0BQ5.min.js https://api.demandbase.com/api/v2/ip.json ; font-src 'self' 'unsafe-inline' 'unsafe-eval' https://lastpass.com ; media-src ; frame-src 'self' https://www.youtube.com https://*.ytimg.com https://ssl.gstatic.com https://www.google.com https://www.youtube.com https://b.company-target.com/ect.html https://1min-ui-prod.service.lastpass.com https://admin-ui-prod.service.lastpass.com |
X-Content-Security-Policy | allow 'self' 'self' https://lastpass.com wss://*.lastpass.com https://5399020466.log.optimizely.com https://pollserver.lastpass.com https://loglogin.lastpass.com ; img-src 'self' https://lastpass.com data: https://rs.gwallet.com https://*.adnxs.com/ https://*.doubleclick.net https://*.adroll.com https://*.google-analytics.com https://www.google.com https://www.facebook.com/tr https://seg.sharethis.com https://t.co/i/adsct https://analytics.twitter.com/i/adsct https://img.youtube.com https://adfarm.mediaplex.com/ad/bk/ https://*.rfihub.com/ https://a.company-target.com/ https://www07.clicktale.net/; object-src 'self' http://*.googlevideo.com http://*.youtube.com https://*.youtube.com http://*.ytimg.com https://*.ytimg.com http://www.google.com http://youtube.googleapis.com; frame-src 'self' https://www.youtube.com https://*.ytimg.com https://ssl.gstatic.com https://www.google.com https://www.youtube.com https://b.company-target.com/ect.html; options inline-script eval-script |
P3P | CP="NON DSP COR CUR OUR LEG PHY COM" |
Server | LastPass |
Strict-Transport-Security | max-age=86400000 |
X-XSS-Protection | 1; mode=block |
X-Content-Type-Options | nosniff |
Vary | Accept-Encoding |
Content-Length | 29315 |
Connection | keep-alive |