Server | Cowboy |
Connection | keep-alive |
Strict-Transport-Security | max-age=8640000; includeSubDomains |
Content-Security-Policy | default-src 'self' http://localhost:3000/; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://localhost:3000/ cdn.polyfill.io app-sj19.marketo.com *.global.ssl.fastly.net www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com http://localhost:3000/ http://app-sj19.marketo.com/ *.global.ssl.fastly.net blob:;; img-src 'self' 'unsafe-inline' res.cloudinary.com http://localhost:3000/ https://img.evbuc.com *.global.ssl.fastly.net https://bucketeer-577bba30-88d2-4a8d-ac99-4e78de680805.s3.amazonaws.com www.google-analytics.com data:;; connect-src 'self' ws: swapi.co http://localhost:3000/; font-src 'self' fonts.gstatic.com *.global.ssl.fastly.net http://localhost:3000/; object-src 'none'; media-src 'self' ssrweb.zoom.us *.global.ssl.fastly.net https://bucketeer-577bba30-88d2-4a8d-ac99-4e78de680805.s3.amazonaws.com; frame-src player.vimeo.com http://app-sj19.marketo.com/ |
X-Xss-Protection | 1; mode=block |
X-Frame-Options | SAMEORIGIN |
X-Download-Options | noopen |
X-Content-Type-Options | nosniff |
Access-Control-Allow-Origin | * |
Content-Type | text/html; charset=utf-8 |
Vary | Accept-Encoding |
Content-Encoding | gzip |
Transfer-Encoding | chunked |
Via | 1.1 vegur |