Content-Type | text/html; charset=utf-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Cache-Control | private |
Vary | Accept-Encoding |
X-Download-Options | noopen |
X-XSS-Protection | 1; mode=block |
Content-Security-Policy | default-src 'self';script-src 'self' 'nonce-qJ6wRNChUpRAXKgC8CE8' *.jquery.com *.google.com *.google-analytics.com *.gstatic.com *.googleapis.com *.googleadservices.com *.aspnetcdn.com ajax.aspnetcdn.com pbs.twimg.com *.twitter.com cdnjs.cloudflare.com *.googletagmanager.com;style-src 'self' 'unsafe-inline' *.jquery.com *.google.com *.gstatic.com *.googleapis.com *.aspnetcdn.com pbs.twimg.com stats.g.doubleclick.net *.twitter.com maxcdn.bootstrapcdn.com cdnjs.cloudflare.com;img-src 'self' stats.g.doubleclick.net *.google-analytics.com *.ytimg.com *.gstatic.com *.googleapis.com *.googleadservices.com *.google.com *.google.co.uk googleads.g.doubleclick.net *.amazonaws.com ab-enzymes.azurewebsites.net abitec.azurewebsites.net ohly.azurewebsites.net spi-pharma.azurewebsites.net pgpi.azurewebsites.net abfgroupwebsitesmedia.blob.core.windows.net data:;frame-src 'self' *.youtube.com googleads.g.doubleclick.net *.google.com *.google.co.uk bid.g.doubleclick.net;font-src 'self' *.gstatic.com maxcdn.bootstrapcdn.com;connect-src 'self' query.yahooapis.com |
X-Frame-Options | SAMEORIGIN |
Strict-Transport-Security | max-age=15552000 |
X-Content-Type-Options | nosniff |
Expect-CT | max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" |
Server | cloudflare |
CF-RAY | 3ee530d35cae3fa7-YUL |
Content-Encoding | gzip |