Cache-Control | max-age=0, private, must-revalidate |
Content-Encoding | gzip |
Content-Security-Policy-Report-Only | default-src 'self'; connect-src 'none'; font-src 'self' data: fonts.googleapis.com netdna.bootstrapcdn.com themes.googleusercontent.com fonts.gstatic.com; frame-src 'none'; img-src 'self' www.google-analytics.com p.typekit.net brokerage.tradier.com trk.kissmetrics.com data:; media-src s3.amazonaws.com; object-src 'none'; script-src 'self' www.google-analytics.com *.newrelic.com use.typekit.net i.kissmetrics.com doug1izaerwt3.cloudfront.net; style-src 'self' netdna.bootstrapcdn.com fonts.googleapis.com use.typekit.net; report-uri /csp/report; |
Content-Type | text/html; charset=utf-8 |
ETag | W/"c1fdffff80c60a7208229415de309944" |
Server | nginx/1.2.6 + Phusion Passenger 4.0.0.rc6 |
Status | 200 OK |
Strict-Transport-Security | max-age=631152000 |
X-Content-Type-Options | nosniff |
X-Download-Options | noopen |
X-Frame-Options | DENY |
X-Permitted-Cross-Domain-Policies | none |
X-Powered-By | Phusion Passenger 4.0.0.rc6 |
X-Request-Id | 9b36a669-36d3-41e1-9f53-a184fe5cc6bc |
X-Runtime | 0.020132 |
X-XSS-Protection | 1; mode=block |
transfer-encoding | chunked |
Connection | keep-alive |