Content-Encoding | gzip |
Accept-Ranges | bytes |
Access-Control-Allow-Origin | * |
Cache-Control | max-age=1800 |
Content-Security-Policy | child-src 'self' blob:; connect-src *; default-src 'self'; img-src 'self' 'unsafe-inline' data: *; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com *.jwpcdn.com; object-src 'self' *.googlesyndication.com; media-src 'self' blob: *; manifest-src 'self'; script-src 'self' 'unsafe-inline' 'self' 'unsafe-inline' 'unsafe-eval' blob: *.2mdn.net static.ads-twitter.com *.adnxs.com *.adsafeprotected.com *.adsrvr.org *.doubleclick.net *.doubleverify.com *.everesttech.net *.extend.tv *.extremereach.io connect.facebook.net *.flashtalking.com tagmanager.google.com *.google-analytics.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.googletagservices.com *.gstatic.com *.iasds01.com *.innovid.com *.insightexpressai.com *.jwplatform.com *.jwpcdn.com *.jwpsrv.com *.moatads.com cdn.polyfill.io *.scorecardresearch.com *.serving-sys.com *.spotxcdn.com *.spotxchange.com *.tremorhub.com analytics.twitter.com *.vindicosuite.com *.w55c.net *.yumenetworks.com; style-src 'self' 'unsafe-inline' blob: 'self' 'unsafe-inline' blob: fonts.googleapis.com *.gstatic.com tagmanager.google.com; frame-src *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.doubleverify.com *.dvtps.com |
Content-Type | text/html; charset=utf-8 |
Etag | W/"2f221-zCsUC8WlN8Va9ijfOysBEMU++ZA" |
Expires | Mon, 28 Aug 2017 12:31:20 GMT |
Last-Modified | Sun, 27 Aug 2017 20:26:13 GMT |
Server | ECS (lga/1318) |
Vary | Accept-Encoding |
Via | 1.1 vegur |
X-Cache | HIT |
X-Content-Type-Options | nosniff |
X-Download-Options | noopen |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |