Server | nginx |
Content-Type | text/html; charset=utf8 |
Last-Modified | Thu, 24 Sep 2015 14:33:44 GMT |
Transfer-Encoding | chunked |
Connection | keep-alive |
Vary | Accept-Encoding |
ETag | W/"560409c8-5030" |
X-Frame-Options | DENY |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1; mode=block |
Content-Security-Policy | default-src 'none'; script-src 'self' 'unsafe-inline' *.google-analytics.com; style-src 'self' 'unsafe-inline' *.googleapis.com maxcdn.bootstrapcdn.com; font-src 'self' *.googleapis.com *.gstatic.com maxcdn.bootstrapcdn.com; img-src 'self' *.google-analytics.com data:; object-src 'none'; media-src 'none'; frame-src 'none' |
X-Content-Security-Policy | default-src 'none'; script-src 'self' 'unsafe-inline' *.google-analytics.com; style-src 'self' 'unsafe-inline' *.googleapis.com maxcdn.bootstrapcdn.com; font-src 'self' *.googleapis.com *.gstatic.com maxcdn.bootstrapcdn.com; img-src 'self' *.google-analytics.com data:; object-src 'none'; media-src 'none'; frame-src 'none' |
X-Webkit-CSP | default-src 'none'; script-src 'self' 'unsafe-inline' *.google-analytics.com; style-src 'self' 'unsafe-inline' *.googleapis.com maxcdn.bootstrapcdn.com; font-src 'self' *.googleapis.com *.gstatic.com maxcdn.bootstrapcdn.com; img-src 'self' *.google-analytics.com data:; object-src 'none'; media-src 'none'; frame-src 'none' |
Content-Encoding | gzip |