Server | AptObject Web Server |
Content-Type | text/html;charset=utf-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Vary | Accept-Encoding |
SET-COOKIE | JSESSIONID=CF92EE411901D4D499077A931400BD48; HttpOnly |
Content-Security-Policy | default-src 'self' www.aptobject.com http://www.youtube.com http://staticxx.facebook.com https://staticxx.facebook.com https://www.facebook.com https://apis.google.com https://accounts.google.com ssl.gstatic.com www.google-analytics.com ajax.googleapis.com https://csi.gstatic.com https://maps.googleapis.com https://maps.gstatic.com fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' connect.facebook.net https://apis.google.com www.statcounter.com apis.google.com www.google-analytics.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: www.aptobject.com https://developer.android.com https://www.facebook.com https://maps.gstatic.com https://csi.gstatic.com ssl.gstatic.com c.statcounter.com www.google-analytics.com https://maps.googleapis.com; font-src 'self' https://fonts.gstatic.com; |
CACHE-CONTROL | NO-CACHE |
Pragma | no-cache |
Expires | Sat, 1 Jan 2005 05:00:00 GMT |
Last-Modified | Sat, 1 Jan 2005 05:00:00 GMT |
X-Frame-Options | SAMEORIGIN |
X-Content-Type-Options | nosniff, nosniff |
X-XSS-Protection | 1; mode=block, 1; mode=block |
Access-Control-Allow-Methods | GET, POST |
Access-Control-Allow-Headers | Authorization, Content-Type |
Access-Control-Allow-Credentials | true |
Content-Encoding | gzip |