Server | Apache/2.4.10 (Debian) |
X-Frame-Options | SAMEORIGIN |
Origin | http://www.wishpond.com, https://www.wishpond.com |
Access-Control-Allow-Origin | http://www.wishpond.com, https://www.wishpond.com |
Access-Control-Allow-Headers | origin, x-requested-with, content-type |
Access-Control-Allow-Methods | PUT, GET, POST, DELETE, OPTIONS |
Vary | Accept-Encoding |
Content-Encoding | gzip |
Strict-Transport-Security | max-age=157680000 |
X-XSS-Protection | 1; mode=block |
X-Content-Type-Options | nosniff |
ServerSignature | Off |
ServerTokens | Prod |
X-Permitted-Cross-Domain-Policies | master-only |
X-Content-Security-Policy | allow 'self'; |
Keep-Alive | timeout=5, max=100 |
Connection | Keep-Alive |
Content-Type | text/html; charset=UTF-8 |