Server | Apache |
X-Powered-By | PHP/5.3.28 |
X-Pingback | https://www.delineo.com/xmlrpc.php |
Cache-Control | max-age=2592000 |
Expires | Fri, 04 Dec 2015 16:44:26 GMT |
Access-Control-Allow-Origin | * |
Content-Security-Policy | child-src 'self' *.googletagmanager.com *.storify.com *.twitter.com *.youtube.com; connect-src 'self' wss://inspectletws.herokuapp.com hn.inspectlet.com; default-src data: 'self' hn.inspectlet.com *.youtube.com; font-src data: 'self' fonts.gstatic.com *.myfonts.net *.storify.com; img-src data: 'self' *.cdninstagram.com dpm.demdex.net *.googleapis.com *.gstatic.com *.google-analytics.com hn.inspectlet.com *.quantserve.com *.storify.com *.twimg.com *.twitter.com *.typekit.net; media-src data: 'self'; object-src data: 'self' *.youtube.com; script-src data: 'self' 'unsafe-eval' 'unsafe-inline' *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com cdn.inspectlet.com *.instagram.com *.pinterest.com *.quantserve.com *.storify.com *.twitter.com *.typekit.net *.visualwebsiteoptimizer.com *.zemanta.com; style-src data: 'self' 'unsafe-inline' *.googleapis.com *.myfonts.net *.storify.com platform.twitter.com *.typekit.net; report-uri https://report-uri.io/report/0befa5f5dd21ff6dc32e62bb159195f3; |
Strict-Transport-Security | max-age=10886400 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-XSS-Protection | 1; mode=block |
Vary | Accept-Encoding |
Content-Encoding | gzip |
Keep-Alive | timeout=2, max=100 |
Connection | Keep-Alive |
Content-Type | text/html; charset=UTF-8 |