Cache-control | no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, no-cache="set-cookie" |
Content-Encoding | gzip |
Content-Security-Policy | default-src 'none'; frame-src 'self' https://www.google.com sendsafely: https://analytics-frame.sendsafely.com https://static-www.sendsafely.com;connect-src 'self' https://sendsafely-filestore-prod-us.s3.amazonaws.com; script-src https://static-www.sendsafely.com https://www.google.com https://www.gstatic.com https://apis.google.com https://ssl.google-analytics.com https://api.stripe.com https://www.googleadservices.com; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'self' https://static-www.sendsafely.com; child-src 'self'; img-src 'self' https://app-static.sendsafely.com https://www.google.com https://www.gstatic.com https://apis.google.com https://ssl.google-analytics.com https://www.gravatar.com i0.wp.com i1.wp.com i2.wp.com i3.wp.com https://stats.g.doubleclick.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://googleads.g.doubleclick.net chrome-extension:; report-uri /csp-reports; |
Content-Type | text/html;charset=utf-8 |
Expires | Tue, 03 Jul 2001 06:00:00 GMT |
Pragma | no-cache |
Server | null |
Strict-Transport-Security | max-age=31536000 |
Vary | Accept-Encoding |
X-Frame-Options | SAMEORIGIN |
X-Permitted-Cross-Domain-Policies | master-only |
X-WebKit-CSP | default-src 'none'; frame-src 'self' https://www.google.com sendsafely: https://analytics-frame.sendsafely.com https://static-www.sendsafely.com;connect-src 'self' https://sendsafely-filestore-prod-us.s3.amazonaws.com; script-src https://static-www.sendsafely.com https://www.google.com https://www.gstatic.com https://apis.google.com https://ssl.google-analytics.com https://api.stripe.com https://www.googleadservices.com; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'self' https://static-www.sendsafely.com; child-src 'self'; img-src 'self' https://app-static.sendsafely.com https://www.google.com https://www.gstatic.com https://apis.google.com https://ssl.google-analytics.com https://www.gravatar.com i0.wp.com i1.wp.com i2.wp.com i3.wp.com https://stats.g.doubleclick.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://googleads.g.doubleclick.net chrome-extension:; report-uri /csp-reports; |
X-XSS-Protection | 1; mode=block |
transfer-encoding | chunked |
Connection | keep-alive |