Server | nginx |
Content-Type | text/html |
Transfer-Encoding | chunked |
Vary | Accept-Encoding |
Expires | Thu, 19 Nov 1981 08:52:00 GMT |
Cache-Control | no-store, no-cache, must-revalidate, post-check=0, pre-check=0 |
Pragma | no-cache |
Content-Security-Policy-Report-Only | child-src 'self' https://www.google.com https://player.vimeo.com https://f.vimeocdn.com https://api-efb8753d.duosecurity.com; default-src 'self'; font-src 'self' https://fonts.gstatic.com https://api-efb8753d.duosecurity.com; frame-src 'self' https://www.google.com https://player.vimeo.com https://f.vimeocdn.com https://api-efb8753d.duosecurity.com; img-src 'self' data: https://*.applovin.com https://*.googleapis.com https://*.gstatic.com https://api-efb8753d.duosecurity.com https://privacy-policy.truste.com; media-src 'self' data: https://*.applovin.com https://pdlvimeocdn-a.akamaihd.net https://ssl.gstatic.com; report-uri /api/contentSecurityPolicy; script-src 'self' 'unsafe-inline' https://*.applovin.com https://*.google.com https://*.googleapis.com https://apis.google.com https://*.gstatic.com https://code.jquery.com https://static.woopra.com https://www.woopra.com https://api-efb8753d.duosecurity.com https://privacy-policy.truste.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com https://hello.myfonts.net https://api-efb8753d.duosecurity.com; |
Strict-Transport-Security | max-age=31536000; includeSubdomains; |
X-Frame-Options | SAMEORIGIN |
X-XSS-Protection | 1; mode=block |
Content-Encoding | gzip |