Cache-Control | no-cache, no-store, max-age=0, must-revalidate |
Content-Security-Policy-Report-Only | script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://d2i1pl9gz4hwa7.cloudfront.net https://www.googletagmanager.com https://www.googleadservices.com https://connect.facebook.net https://checkout.stripe.com https://apis.google.com https://ssl.google-analytics.com https://www-onepick-opensocial.googleusercontent.com ; report-uri /csp-report |
Content-Type | text/html; charset=UTF-8 |
Etag | "511d36fe9c5eed0963dd645c3063c29caa9be57d" |
Expires | 0 |
Server | nginx |
Vary | Cookie, Accept-Encoding |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Content-Length | 9639 |
Connection | keep-alive |