Content-Type | text/html; charset=utf-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Vary | Accept-Encoding |
ETag | W/"6cc6-xcfK3aMhBijqmlpUulKwMbojRbk" |
Access-Control-Allow-Origin | * |
Access-Control-Allow-Methods | POST, GET, OPTIONS, DELETE, PUT |
Access-Control-Max-Age | 86400 |
Access-Control-Allow-Headers | x-requested-with, Content-Type, origin, authorization, accept, client-security-token, X-AUTH_TOKEN, X-AUTH-TOKEN, API-VERSION |
X-Frame-Options | SAMEORIGIN |
Cache-Control | max-age=0 |
Server | nginx, lisa |
X-Powered-By | lisa |
X-Runtime | lisa |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
Content-Security-Policy | default-src 'none'; connect-src ws://localhost:* https://*.nebenan.de https://*.mesvoisins.fr; child-src www.googletagmanager.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' localhost:* www.googletagmanager.com tagmanager.google.com www.google-analytics.com www.googleadservices.com connect.facebook.net platform.twitter.com; img-src 'self' data: https://* www.google-analytics.com; style-src 'self' 'unsafe-inline' tagmanager.google.com fonts.googleapis.com; font-src 'self' data: fonts.gstatic.com; manifest-src 'self'; media-src 'self'; form-action 'self'; frame-ancestors 'none'; report-uri https://sentry.mesvoisins.fr/api/12/csp-report/?sentry_key=6f36691e502848949116aeba72c21b8e |
Content-Encoding | gzip |