Content-Type | text/html |
Transfer-Encoding | chunked |
Connection | keep-alive |
X-Dns-Prefetch-Control | off |
X-Frame-Options | SAMEORIGIN |
X-Download-Options | noopen |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Content-Security-Policy | default-src 'self' www.google.com *.facebook.com cdn.jsdelivr.net; script-src 'self' data: www.google-analytics.com www.google.com www.gstatic.com connect.facebook.net 'unsafe-inline'; font-src 'self' data: fonts.gstatic.com maxcdn.bootstrapcdn.com; style-src 'self' fonts.googleapis.com www.gstatic.com maxcdn.bootstrapcdn.com 'unsafe-inline'; img-src * data: |
Strict-Transport-Security | max-age=15768000; includeSubDomains |
X-Powered-By | Next.js 2.3.0-alpha1 |
Etag | W/"2ac3-8S6JisaPXS8HoJ85KjMtCMFq3bo" |
Via | 1.1 vegur |
Server | cloudflare-nginx |
CF-RAY | 364829927cea3fa7-YUL |
Content-Encoding | gzip |