Server | nginx |
Content-Type | text/html; charset=utf-8 |
Content-Length | 20448 |
Connection | keep-alive |
Strict-Transport-Security | max-age=31536000; includeSubdomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Cache-Control | no-cache, no-store, must-revalidate |
Pragma | no-cache |
Expires | -1 |
X-XSS-Protection | 1; mode=block |
Content-Security-Policy | default-src 'none'; connect-src 'self' https://*.intercom.io wss://*.intercom.io bam.nr-data.net; script-src 'self' cdnjs.cloudflare.com js.intercomcdn.com widget.intercom.io angel.co *.cloudflare.com *.jsdelivr.net *.jquery.com *.github.com *.twitter.com *.gstatic.com *.googleapis.com *.google-analytics.com *.google.com dmjwor2go9n1u.cloudfront.net js-agent.newrelic.com bam.nr-data.net; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.github.com *.bootstrapcdn.com *cloudflare.com *.jsdelivr.net *.twitter.com *.googleapis.com *.google.com dmjwor2go9n1u.cloudfront.net; img-src 'self' data: static.intercomassets.com js.intercomcdn.com static.intercomcdn.com cdn.jsdelivr.net *.twitter.com *.twimg.com launchkey.com ssl.google-analytics.com s3.amazonaws.com d2882u593o0m3.cloudfront.net *.gstatic.com *.googleapis.com dmjwor2go9n1u.cloudfront.net bam.nr-data.net; font-src 'self' cdnjs.cloudflare.com *.jsdelivr.net *.bootstrapcdn.com *cloudflare.com fonts.gstatic.com fonts.googleapis.com themes.googleusercontent.com; media-src js.intercomcdn.com s3.amazonaws.com; frame-src *.twitter.com angel.co; report-uri https://csp.launchkey.com |
X-Content-Security-Policy | default-src 'none'; connect-src 'self' https://*.intercom.io wss://*.intercom.io bam.nr-data.net; script-src 'self' cdnjs.cloudflare.com js.intercomcdn.com widget.intercom.io angel.co *.cloudflare.com *.jsdelivr.net *.jquery.com *.github.com *.twitter.com *.gstatic.com *.googleapis.com *.google-analytics.com *.google.com dmjwor2go9n1u.cloudfront.net js-agent.newrelic.com bam.nr-data.net; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.github.com *.bootstrapcdn.com *cloudflare.com *.jsdelivr.net *.twitter.com *.googleapis.com *.google.com dmjwor2go9n1u.cloudfront.net; img-src 'self' data: static.intercomassets.com js.intercomcdn.com static.intercomcdn.com cdn.jsdelivr.net *.twitter.com *.twimg.com launchkey.com ssl.google-analytics.com s3.amazonaws.com d2882u593o0m3.cloudfront.net *.gstatic.com *.googleapis.com dmjwor2go9n1u.cloudfront.net bam.nr-data.net; font-src 'self' cdnjs.cloudflare.com *.jsdelivr.net *.bootstrapcdn.com *cloudflare.com fonts.gstatic.com fonts.googleapis.com themes.googleusercontent.com; media-src js.intercomcdn.com s3.amazonaws.com; frame-src *.twitter.com angel.co; report-uri https://csp.launchkey.com |
X-WebKit-CSP | default-src 'none'; connect-src 'self' https://*.intercom.io wss://*.intercom.io bam.nr-data.net; script-src 'self' cdnjs.cloudflare.com js.intercomcdn.com widget.intercom.io angel.co *.cloudflare.com *.jsdelivr.net *.jquery.com *.github.com *.twitter.com *.gstatic.com *.googleapis.com *.google-analytics.com *.google.com dmjwor2go9n1u.cloudfront.net js-agent.newrelic.com bam.nr-data.net; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.github.com *.bootstrapcdn.com *cloudflare.com *.jsdelivr.net *.twitter.com *.googleapis.com *.google.com dmjwor2go9n1u.cloudfront.net; img-src 'self' data: static.intercomassets.com js.intercomcdn.com static.intercomcdn.com cdn.jsdelivr.net *.twitter.com *.twimg.com launchkey.com ssl.google-analytics.com s3.amazonaws.com d2882u593o0m3.cloudfront.net *.gstatic.com *.googleapis.com dmjwor2go9n1u.cloudfront.net bam.nr-data.net; font-src 'self' cdnjs.cloudflare.com *.jsdelivr.net *.bootstrapcdn.com *cloudflare.com fonts.gstatic.com fonts.googleapis.com themes.googleusercontent.com; media-src js.intercomcdn.com s3.amazonaws.com; frame-src *.twitter.com angel.co; report-uri https://csp.launchkey.com |