Server | nginx |
Content-Type | text/html |
Transfer-Encoding | chunked |
Connection | keep-alive |
Content-Security-Policy | object-src 'self'; img-src 'self' data: *.twimg.com *.twitter.com *.gstatic.com *.google-analytics.com *.googleapis.com *.facebook.net *.facebook.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.twimg.com *.googletagmanager.com www.google-analytics.com maps.googleapis.com ajax.googleapis.com *.gstatic.com *.twitter.com *.statcounter.com *.facebook.net *.facebook.com; |
X-Content-Security-Policy | object-src 'self'; img-src 'self' data: *.twimg.com *.twitter.com *.gstatic.com *.google-analytics.com *.googleapis.com *.statcounter.com *.facebook.net *.facebook.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.twimg.com *.googletagmanager.com www.google-analytics.com maps.googleapis.com *.gstatic.com ajax.googleapis.com *.twitter.com *.statcounter.com *.facebook.net *.facebook.com; |
Expires | Thu, 19 Nov 1981 08:52:00 GMT |
Cache-Control | post-check=0, pre-check=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 |
Pragma | no-cache |
Access-Control-Allow-Origin | * |
Strict-Transport-Security | includeSubDomains; preload, max-age=31536000 |
X-Frame-Options | SAMEORIGIN, SAMEORIGIN |
Content-Encoding | gzip |