Server | Apache |
X-Powered-By | PHP/5.5.38 |
Expires | Thu, 19 Nov 1981 08:52:00 GMT |
Content-Security-Policy | default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.giftstest.com *.googleapis.com *.gstatic.com *.google-analytics.com *.google.com *.google-analytics.com *.addthis.com *.sharethis.com connect.facebook.net use.typekit.net https://use.typekit.net http://use.typekit.net http://giftstest.com http://js.boxcast.com http://platform.twitter.com https://platform.twitter.com https://cdn.syndication.twimg.com *.workzonecam.com; object-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.sharethis.com *.addthis.com https://*.facebook.net https://*.facebook.com *.typekit.net use.typekit.net https://use.typekit.net http://use.typekit.net http://platform.twitter.com; img-src 'self' data: blob: *.como.com/* *.gofundme.com *.googleapis.com *.gstatic.com *.google-analytics.com *.doubleclick.net *.sharethis.com *.facebook.com https://stats.g.doubleclick.net *.w3.org *.addthis.com b.scorecardresearch.com pixel.mathtag.com *.addnxs.com *.mookie1.com p.typekit.net https://p.typekit.net ping.typekit.net https://ping.typekit.net http://feedburner.google.com https://recordings.boxcast.com https://syndication.twitter.com https://pbs.twimg.com https://abs.twimg.com http://platform.twitter.com; media-src 'self' data: blob: https://*.boxcast.com; child-src 'self' data: blob: *.giftstest.com https://*.facebook.net https://*.facebook.com http://*.facebook.net http://*.facebook.com *.addthis.com *.sharethis.com http://www.youtube.com https://www.youtube.com cse.google.com https://secure2.authorize.net https://test.authorize.net *.vimeo.com https://spiritchurch.ccbchurch.com https://w.soundcloud.com https://spiritchurch.giftstest.com https://player.vimeo.com https://www.google.com/calendar/ https://calendar.google.com https://*.boxcast.com *.workzonecam.com https://*.twitter.com; font-src 'self' themes.googleusercontent.com fonts.gstatic.com data: use.typekit.net https://use.typekit.net http://use.typekit.net https://js.boxcast.com; connect-src 'self' https://spiritchurch.tv https://spiritchurch.churchonline.org https://*.boxcast.com https://*.twitter.com; |
Upgrade | h2,h2c |
Connection | Upgrade, Keep-Alive |
Vary | Accept-Encoding,User-Agent |
Content-Encoding | gzip |
Accept-Ranges | none |
X-Frame-Options | SAMEORIGIN |
X-XSS-Protection | 1; mode=block |
XSS-Protection | 1; mode=block |
X-Permitted-Cross-Domain-Policies | none |
Permitted-Cross-Domain-Policies | none |
X-Content-Type-Options | nosniff |
Content-Type-Options | nosniff |
Access-Control-Allow-Origin | http://cse.google.com |
Cache-Control | private, no-store, no-cache, must-revalidate, max-age=0 |
Pragma | no-cache, no-cache |
Keep-Alive | timeout=2, max=250 |
Content-Type | text/html; charset=UTF-8 |
Content-Language | en-US |