Server | nginx |
Content-Type | text/html; charset=utf-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
X-Frame-Options | SAMEORIGIN |
X-XSS-Protection | 1; mode=block |
X-Content-Type-Options | nosniff |
ETag | W/"449a427c2b5469023e7beeda6d8e4209" |
Cache-Control | max-age=0, private, must-revalidate |
X-Request-Id | 12d24fbe-51f8-4d47-bda0-31475b52818b |
X-Runtime | 0.036039 |
Strict-Transport-Security | max-age=15768000; preload; includeSubDomains |
Content-Security-Policy-Report-Only | default-src 'none'; script-src data: 'unsafe-eval' 'self' 'unsafe-inline' *.twitter.com assets.zendesk.com developer.setapp.com sdk.amazonaws.com www.google-analytics.com stats.g.doubleclick.net cdn.paddle.com checkout.paddle.com; style-src 'self' 'unsafe-inline' cdn.paddle.com; img-src * data:; media-src getdropsha.re; frame-src *.twitter.com syndication.twitter.com checkout.paddle.com www.paypal.com; font-src 'self' fonts.gstatic.com; connect-src 'self' *.twitter.com analytics.paddle.com stats.g.doubleclick.net www.google-analytics.com dropshare-cloud-uploads.s3.eu-central-1.amazonaws.com dropshare.zendesk.com; report-uri https://sentry.chaos.cloud/api/2/csp-report/?sentry_key=efe40d35e42c41278d24be556a4fad1f |
Referrer-Policy | same-origin |
Content-Encoding | gzip |