Server | nginx/1.6.2 |
Content-Type | text/html |
Transfer-Encoding | chunked |
Connection | keep-alive |
Last-Modified | Thu, 23 Nov 2017 11:55:12 GMT |
X-Frame-Options | SAMEORIGIN |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1; mode=block |
Referrer-Policy | same-origin |
Access-Control-Allow-Credentials | true |
Strict-Transport-Security | max-age=31536000; includeSubdomains; |
Content-Security-Policy | default-src 'self'; script-src 'unsafe-eval' 'self' 'unsafe-inline' https://*.google-analytics.com https://www.gstatic.com; img-src 'self' data: 'unsafe-inline' https://api.tiles.mapbox.com https://*.google-analytics.com; style-src 'self' 'unsafe-inline' https://www.gstatic.com; frame-src https://*.youtube.com |
Content-Encoding | gzip |