Connection: keep-alive
Content-Type: text/html; charset=utf-8
Server: nginx
Cache-Control: max-age=1800, public
Content-Security-Policy-Report-Only: default-src https: 'self' *.publishing.service.gov.uk www.gov.uk *.dev.gov.uk; img-src 'self' data: *.publishing.service.gov.uk www.gov.uk *.dev.gov.uk www.google-analytics.com ssl.google-analytics.com stats.g.doubleclick.net www.googletagmanager.com assets.digital.cabinet-office.gov.uk; script-src 'self' *.publishing.service.gov.uk www.gov.uk *.dev.gov.uk www.google-analytics.com ssl.google-analytics.com stats.g.doubleclick.net www.googletagmanager.com www.gstatic.com www.signin.service.gov.uk *.ytimg.com www.youtube.com www.youtube-nocookie.com hmrc-uk.digital.nuance.com 'unsafe-inline'; style-src 'self' *.publishing.service.gov.uk www.gov.uk *.dev.gov.uk www.gstatic.com 'unsafe-inline'; font-src 'self' *.publishing.service.gov.uk www.gov.uk *.dev.gov.uk data:; connect-src 'self' *.publishing.service.gov.uk www.gov.uk *.dev.gov.uk www.google-analytics.com ssl.google-analytics.com stats.g.doubleclick.net www.googletagmanager.com www.tax.service.gov.uk hmrc-uk.digital.nuance.com gov.klick2contact.com www.signin.service.gov.uk; object-src 'none'; frame-src 'self' *.publishing.service.gov.uk www.gov.uk *.dev.gov.uk www.youtube.com www.youtube-nocookie.com; report-uri https://jhpno0hk6b.execute-api.eu-west-2.amazonaws.com/production
Etag: W/"c6b4899434fefb1230954c042ca8e255"
Strict-Transport-Security: max-age=31536000; preload
Via: 2.0 router, 1.1 varnish, 1.1 varnish
X-Frame-Options: ALLOWALL
X-Request-Id: 65d010a6-4d4a-4261-b2d6-6451dbca4df1
Fastly-Backend-Name: origin
Accept-Ranges: bytes
Date: Fri, 27 Nov 2020 14:36:41 GMT
Age: 1435
X-Served-By: cache-lga21923-LGA
X-Cache: MISS, HIT
X-Cache-Hits: 1
X-Timer: S1606487801.060643,VS0,VE0
Vary: Accept-Encoding
x-encoded-content-encoding: gzip
x-encoded-content-length: 11318
|
