Access-Control-Allow-Origin | * |
Access-Control-Allow-Methods | GET,HEAD,PUT,POST,DELETE |
X-RateLimit-Remaining | 299 |
X-RateLimit-Reset | 1518498024 |
X-RateLimit-Limit | 300 |
Content-Security-Policy | child-src 'nonce-790e8aa7-a467-4951-87d0-9cca3d1fd376' 'self'; default-src 'self'; connect-src 'self' wss://neotracker.io wss://neotracker.org wss://neotracker.net http://www.google-analytics.com/ https://www.facebook.com/tr/ https://sentry.io/; img-src 'self' data: https://www.google.com http://www.google-analytics.com/ https://www.facebook.com/ https://d5nxst8fruw4z.cloudfront.net https://stats.g.doubleclick.net; font-src 'self' https://fonts.gstatic.com/; frame-src 'none'; object-src 'self'; media-src 'self'; manifest-src 'self'; script-src 'nonce-790e8aa7-a467-4951-87d0-9cca3d1fd376' 'self' 'unsafe-inline' https://www.googletagmanager.com http://www.google-analytics.com/analytics.js http://tagmanager.google.com/debug; style-src 'self' 'unsafe-inline' blob: https://fonts.googleapis.com |
X-Frame-Options | DENY |
Strict-Transport-Security | max-age=10886400; includeSubDomains; preload |
X-Download-Options | noopen |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1; mode=block |
Vary | Accept-Encoding |
Content-Type | text/html; charset=utf-8 |
Content-Encoding | gzip |
Via | 1.1 google |
Alt-Svc | clear |
Transfer-Encoding | chunked |