Content-Type | text/html; charset=utf-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Status | 200 OK |
Cache-Control | max-age=0, private, must-revalidate |
Vary | Origin |
Strict-Transport-Security | max-age=0; includeSubDomains; preload |
Referrer-Policy | strict-origin-when-cross-origin |
X-Permitted-Cross-Domain-Policies | none |
X-XSS-Protection | 1; mode=block |
X-Request-Id | 1a20a7b6-163f-495d-beaf-d7db0a8b541a |
X-Download-Options | noopen |
X-Runtime | 0.545309 |
X-Frame-Options | DENY |
X-Content-Type-Options | nosniff |
Content-Security-Policy | default-src https: 'self'; base-uri 'self'; block-all-mixed-content; child-src 'self'; connect-src 'self' wss: onesignal.com; font-src 'self' data: fonts.gstatic.com; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: *.gravatar.com *.google.com; media-src 'self'; object-src 'self'; plugin-types application/x-shockwave-flash; script-src 'self' 'unsafe-inline' cdn.onesignal.com onesignal.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com onesignal.com; upgrade-insecure-requests |
Server | cloudflare-nginx |
CF-RAY | 3a9015de7d723fd1-YUL |
Content-Encoding | gzip |