Server | Apache |
Strict-Transport-Security | max-age=16070400; includeSubDomains |
Last-Modified | Mon, 12 Feb 2018 11:15:38 GMT |
Vary | Accept-Encoding |
Content-Encoding | gzip |
Cache-Control | max-age=0 |
Expires | Mon, 12 Feb 2018 16:19:25 GMT |
EN-User | e62061 |
X-UA-Compatible | IE=edge |
P3P | policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" |
X-Frame-Options | SAMEORIGIN |
Content-Security-Policy | upgrade-insecure-requests |
Content-Security-Policy-Report-Only | default-src 'self' ws://127.0.0.1:35729 ws://localhost:3000 fbrpc://call https://*.google-analytics.com https://*.bugsnag.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google-analytics.com https://*.googleapis.com https://*.facebook.net https://d2wy8f7a9ursnm.cloudfront.net; style-src 'self' data: 'unsafe-inline' https://*.googleapis.com https://fast.fonts.net; img-src 'self' data: https://*.google-analytics.com https://*.googleapis.com https://*.gstatic.com https://*.facebook.com https://notify.bugsnag.com https://*.gravatar.com https://*.ytimg.com; font-src 'self' data: https://*.gstatic.com; child-src 'self' https://*.joomunited.com https://www.youtube.com; object-src 'self'; report-uri https://csp.spinnwerk.at https://spinnwerk.report-uri.io/r/default/csp/reportOnly |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1; mode=block |
Keep-Alive | timeout=5, max=392 |
Connection | Keep-Alive |
Content-Type | text/html; charset=UTF-8 |