Server | nginx |
Content-Type | text/html; charset=utf-8 |
Content-Length | 17830 |
Connection | keep-alive |
ETag | W/"45a6-D7YFVkn86WMg3e9Rw7OTY+K2jpQ" |
set-cookie | andee.id=s%3AGly2o9Mf7YKIbtzPgFvDXSz3X0z9XEzc.mwmGCB9x%2F7%2F0QLyFXK%2BqJJYU%2FPr%2FxpSNy4536sF49Dk; Path=/; Expires=Tue, 20 Feb 2018 18:13:39 GMT; HttpOnly; Secure |
X-Frame-Options | SAMEORIGIN |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1; mode=block; |
X-DNS-Prefetch-Control | off |
X-Download-Options | noopen |
Content-Security-Policy | default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com https://*.paypal.com https://www.paypalobjects.com code.jquery.com maxcdn.bootstrapcdn.com https://maps.googleapis.com https://maps.gstatic.com *.google-analytics.com; img-src 'self' https://maps.googleapis.com https://maps.gstatic.com https://csi.gstatic.com data: *.google-analytics.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.paypal.com; frame-src 'self' https://*.paypal.com https://www.youtube.com; |
Strict-Transport-Security | max-age=31536000; includeSubDomains |