Content-Type | text/html; charset=UTF-8 |
Connection | keep-alive |
Server | nginx/1.12.1 |
Vary | Origin,Accept-Encoding,User-Agent |
Referrer-Policy | origin-when-cross-origin, strict-origin-when-cross-origin |
X-XSS-Protection | 1; mode=block |
X-Content-Type-Options | nosniff |
Content-Security-Policy | connect-src * data: ; default-src 'self' https://d29ow0nqvp563s.cloudfront.net ; font-src data: image.gell.com cdnjs.cloudflare.com fonts.gstatic.com *.googleusercontent.com sxt.cdn.skype.com https://d29ow0nqvp563s.cloudfront.net ; frame-src 'self' gell.freshdesk.com platform.twitter.com *.facebook.com https://www.gelllocal.com:9443 *.gelltest.com https://www.youtube.com https://d29ow0nqvp563s.cloudfront.net ; img-src 'self' data: image.gell.com getgell-prod.s3.amazonaws.com getgell-dev.s3.amazonaws.com secure.gravatar.com chart.googleapis.com www.google-analytics.com *.facebook.com *.fbcdn.net *.googleusercontent.com *.gstatic.com https://d29ow0nqvp563s.cloudfront.net ; media-src *.gstatic.com ; script-src 'self' 'unsafe-inline' *.sessionstack.com cdnjs.cloudflare.com www.google-analytics.com assets.freshdesk.com static.woopra.com connect.facebook.net cdn.gelllocal.com pym.nprapps.org cdn.mxpnl.com code.getmdl.io www.gstatic.com cdn.jsdelivr.net https://d29ow0nqvp563s.cloudfront.net ; style-src 'self' 'unsafe-inline' image.gell.com cdnjs.cloudflare.com fonts.googleapis.com assets.freshdesk.com https://translate.googleapis.com code.getmdl.io https://d29ow0nqvp563s.cloudfront.net ; report-uri /cspReport; |
X-Permitted-Cross-Domain-Policies | master-only |
X-Mod-Pagespeed | 1.12.34.2-0 |
Content-Encoding | gzip |
Cache-Control | max-age=0, no-cache, s-maxage=10 |