Content-Type | text/html;charset=UTF-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Server | nginx |
Cache-Control | no-cache, must-revalidate |
Content-Encoding | gzip |
Expires | -1 |
Vary | Accept-Encoding |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1; mode=block |
Strict-Transport-Security | max-age=15768000; includeSubDomains |
X-Frame-Options | DENY |
Content-Security-Policy | default-src 'self' 'unsafe-inline' 'unsafe-eval' *.theidol-hackthorpe.net www.theidol.com *.sessioncam.com d2oh4tlt9mrke9.cloudfront.net tagmanager.google.com www.googletagmanager.com www.googleadservices.com www.google-analytics.com p.typekit.net use.typekit.net *.googleapis.com *.gstatic.com *.moneyadviceservice.org.uk mascdn.azureedge.net googleads.g.doubleclick.net *.google.com *.google.co.uk *.streetcheck.co.uk *.mapbox.com *.postcodeanywhere.co.uk images.twenty7tec.com sentry.theidol.com; |
X-Content-Security-Policy | default-src 'self' 'unsafe-inline' 'unsafe-eval' *.theidol-hackthorpe.net www.theidol.com *.sessioncam.com d2oh4tlt9mrke9.cloudfront.net tagmanager.google.com www.googletagmanager.com www.googleadservices.com www.google-analytics.com p.typekit.net use.typekit.net *.googleapis.com *.gstatic.com *.moneyadviceservice.org.uk mascdn.azureedge.net googleads.g.doubleclick.net *.google.com *.google.co.uk *.streetcheck.co.uk *.mapbox.com *.postcodeanywhere.co.uk images.twenty7tec.com sentry.theidol.com; |
X-WebKit-CSP | default-src 'self' 'unsafe-inline' 'unsafe-eval' *.theidol-hackthorpe.net www.theidol.com *.sessioncam.com d2oh4tlt9mrke9.cloudfront.net tagmanager.google.com www.googletagmanager.com www.googleadservices.com www.google-analytics.com p.typekit.net use.typekit.net *.googleapis.com *.gstatic.com *.moneyadviceservice.org.uk mascdn.azureedge.net googleads.g.doubleclick.net *.google.com *.google.co.uk *.streetcheck.co.uk *.mapbox.com *.postcodeanywhere.co.uk images.twenty7tec.com sentry.theidol.com; |