Server | o2switch PowerBoost |
Content-Type | text/html; charset=UTF-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Vary | Accept-Encoding |
X-Powered-By | PHP/7.1.14 |
Strict-Transport-Security | max-age=16070400; includeSubDomains |
Access-Control-Allow-Origin | * |
X-UA-Compatible | IE=edge |
X-Frame-Options | DENY |
Referrer-Policy | strict-origin-when-cross-origin |
Content-Security-Policy | default-src 'self' data: s.w.org ajax.googleapis.com jenseign.com fonts.gstatic.com www.google-analytics.com stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com apis.google.com www.gstatic.com codepen.io assets.codepen.io production-assets.codepen.io cdn.ampproject.org www.google-analytics.com *.youtube.com *.ytimg.com ; child-src *.youtube.com codepen.io;style-src 'self' 'unsafe-inline' fonts.googleapis.com www.gstatic.com |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1; mode=block |
Cache-Control | no-transform |
X-Cache | HIT from Backend |
Content-Encoding | gzip |