Server | Apache |
X-Powered-By | Express |
content-security-policy | script-src 'self' https://v.calameo.com fonts.googleapis.com http://www.google-analytics.com https://maps.googleapis.com https://maps.google.com https://l2.io https://assets.jumbo-score.com 'unsafe-inline' 'unsafe-eval'; default-src 'self' https://v.calameo.com; style-src 'self' https://fonts.googleapis.com https://assets.jumbo-score.com 'unsafe-inline'; connect-src 'self' https://assets.jumbo-score.com; media-src 'self' https://assets.jumbo-score.com https://catalogue.jumbo-score.com; font-src https://fonts.gstatic.com https://jumbo-score.com https://www.jumbo-score.com https://assets.jumbo-score.com; img-src 'self' data: http://www.google-analytics.com https://maps.googleapis.com/ https://csi.gstatic.com https://maps.gstatic.com https://catalogue.jumbo-score.com https://assets.jumbo-score.com https://www.scoredrive.re https://www.jumbodrive.re https://assets.scoredrive.re https://assets.jumbodrive.re; form-action 'self' http://api.vindemia.io https://api.vindemia.io; child-src 'self' https://v.calameo.com https://www.youtube.com https://www.bonsplansdesmarques.com https://v2.bonsplansdesmarques.com; plugin-types application/x-shockwave-flash; reflected-xss allow; object-src 'self'; script-nonce 'self'; report-uri 'self' |
x-frame-options | sameorigin |
p3p | _p3p |
strict-transport-security | max-age=0; includeSubDomains; preload |
x-xss-protection | 1; mode=block |
x-content-type-options | nosniff |
Access-Control-Allow-Origin | * |
Content-Type | text/html; charset=utf-8 |
ETag | W/"d54-/tLMYzqw6/cZ48chNr+SzAE/UiY" |
Vary | Accept-Encoding |
Content-Encoding | gzip |
Keep-Alive | timeout=5, max=300 |
Connection | Keep-Alive |
Transfer-Encoding | chunked |