Server | Apache |
X-XSS-Protection | 1; mode=block |
X-Content-Type-Options | nosniff |
X-Pingback | http://www.direxi.fr/xmlrpc.php |
Origin | http://www.direxi.fr |
Access-Control-Allow-Origin | https://www.direxi.fr |
Access-Control-Allow-Methods | POST,GET,OPTIONS |
Access-Control-Allow-Headers | x-requested-with |
X-Frame-Options | ALLOW-FROM http://www.direxi.fr |
Content-Security-Policy | script-src 'self' 'unsafe-inline' 'unsafe-eval' *.direxi.fr apis.google.com https://fonts.googleapis.com d1447tq2m68ekg.cloudfront.net vf-js.ekomi.de platform.twitter.com wcb.linkeo.com client.linkeo.com css3-mediaqueries-js.googlecode.com *.google-analytics.com www.googleadservices.com dcinfos.abtasty.com |
Keep-Alive | timeout=5, max=100 |
Connection | Keep-Alive |
Transfer-Encoding | chunked |
Content-Type | text/html; charset=UTF-8 |