Content-Type | text/html; charset=UTF-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Vary | Accept-Encoding |
Expires | Thu, 19 Nov 1981 08:52:00 GMT |
Cache-Control | no-store, no-cache, must-revalidate |
Pragma | no-cache |
Strict-Transport-Security | max-age=86400; includeSubDomains; preload |
Public-Key-Pins | pin-sha256="9tC3MxfHe2oCMJfQNxFl7tF5iKWjap94uPVcLYYAqYg="; pin-sha256="xSuMPLRbwIALiAjSapeFvLAwQ5+SnrXoTxP+NcHaK9E="; max-age=86400; report-uri="https://brumbrum.report-uri.io/r/default/hpkp/enforce" |
X-Frame-Options | SAMEORIGIN |
X-XSS-Protection | 1; mode=block |
X-Content-Type-Options | nosniff |
Content-Security-Policy | default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: filesystem: mediastream: https://*.brumbrum.it https://*.hotjar.com ws://*.hotjar.com https://*.jsdelivr.net *.pinterest.com maps.googleapis.com https://*.gstatic.com *.google-analytics.com https://*.googletagmanager.com https://*.slack.com https://*.cloudfront.net *.freshdesk.com https://*.newrelic.com https://*.nr-data.net freegeoip.net https://*.amazonaws.com https://*.pubnub.com https://*.googleapis.com https://cdnjs.cloudflare.com https://*.google.com https://*.google.it https://*.doubleclick.net ws://*.freshdesk.com; frame-ancestors 'none'; report-uri https://brumbrum.report-uri.io/r/default/csp/enforce |
Server | brumbrum v0.16a |
Content-Encoding | gzip |