Server | nginx |
Content-Type | text/html; charset=utf-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Last-Modified | Thu, 30 Nov 2017 17:39:01 GMT |
Cache-Control | public, max-age=7200 |
Content-Security-Policy | default-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.cloudflare.com monstacdn.com *.bootstrapcdn.com *.stripe.com; font-src 'self' fonts.gstatic.com *.bootstrapcdn.com *.cloudflare.com *.stripe.com data:; connect-src 'self' *.stripe.com wss:; style-src 'self' 'unsafe-inline' *.googleapis.com *.bootstrapcdn.com *.stripe.com *.cloudflare.com; child-src 'self' *.youtube.com blob:; frame-src 'self' *.stripe.com *.youtube.com; img-src 'self' *.stripe.com *.paypalobjects.com data:; report-uri https://lacicloud.report-uri.io/r/default/csp/enforce |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1; mode=block |
Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |
Access-Control-Allow-Origin | * |
Access-Control-Allow-Methods | GET, POST, OPTIONS |
Content-Encoding | gzip |