HTTP/1.1 302 Found
Date: Thu, 16 Dec 2021 08:55:05 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 42
Connection: keep-alive
Server: nginx/1.20.0
X-Powered-By: Express
Location: https://unalike.xyz/
Vary: Accept
HTTP/2 301
date: Thu, 16 Dec 2021 08:55:06 GMT
content-type: text/plain; charset=utf-8
content-length: 58
location: https://www.unalike.xyz/
server: nginx/1.20.0
x-dns-prefetch-control: off
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
surrogate-control: no-store
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
access-control-expose-headers: X-Auth, X-Auth-Refresh, X-Ping
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: Set-Cookie, CSRF-Token, X-CSRF-Token
content-security-policy: img-src * data: blob: *.stripe.com; style-src 'self' 'unsafe-inline' blob: *.vimeocdn.com *.twitter.com *.s3-eu-west-1.amazonaws.com false fonts.googleapis.com *.cdn.unalike.net *.unalike.net *.cdn.unalike.xyz *.unalike.xyz; font-src * data:; object-src 'none'; worker-src 'self' blob:; frame-ancestors *.youtube.com youtube.com *.youtube-nocookie.com youtube-nocookie.com; base-uri 'none'; manifest-src 'self' *.s3-eu-west-1.amazonaws.com *.unalike.net unalike.net *.cdn.unalike.net *.unalike.xyz unalike.xyz *.cdn.unalike.xyz; form-action syndication.twitter.com *.unalike.net unalike.net *.unalike.xyz unalike.xyz; frame-src *.twitter.com *.youtube.com *.youtube-nocookie.com js.stripe.com hooks.stripe.com *.s3-eu-west-1.amazonaws.com player.vimeo.com fast.wistia.net false *.cdn.unalike.net *.unalike.net unalike.net *.cdn.unalike.xyz *.unalike.xyz unalike.xyz; child-src 'self' blob: www.youtube.com www.youtube-nocookie.com *.vimeo.com *.vimeocdn.com player.vimeo.com fast.wistia.net; media-src blob: data: *.s3-eu-west-1.amazonaws.com *.cdn.unalike.net *.cdn.unalike.xyz cdn.contentthat.com contentthat-development.s3.amazonaws.com contentthat.s3.amazonaws.com unalike-development.s3.amazonaws.com unalike.s3.amazonaws.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' platform.twitter.com js.stripe.com platform.twitter.com syndication.twitter.com cdn.syndication.twimg.com *.vimeo.com *.vimeocdn.com *.newrelic.com *.nr-data.net d1l6p2sc9645hc.cloudfront.net *.gosquared.com js.gs-chat.com *.s3-eu-west-1.amazonaws.com cdn.usefathom.com *.cdn.unalike.net *.unalike.net unalike.net *.cdn.unalike.xyz *.unalike.xyz unalike.xyz; connect-src 'self' cdn.contentthat.com data: blob: about: sentry.io api.stripe.com *.vimeo.com wss://gs-ws.com api.gosquared.com metrics.gs-chat.com gschat-uploads.s3-accelerate.amazonaws.com cdn.plyr.io *.s3-eu-west-1.amazonaws.com cdn.usefathom.com unalike.net *.unalike.net wss://unalike.net wss://www.unalike.net unalike.xyz *.unalike.xyz wss://unalike.xyz wss://www.unalike.xyz unalike.s3.amazonaws.com contentthat.s3.amazonaws.com contentthat.s3-accelerate.amazonaws.com unalike.s3.eu-west-1.amazonaws.com contentthat-development.s3.eu-west-1.amazonaws.com contentthat.s3.eu-west-1.amazonaws.com;
referrer-policy: same-origin
vary: Accept, Accept-Encoding
HTTP/2 200
date: Thu, 16 Dec 2021 08:55:06 GMT
content-type: text/html
server: nginx/1.20.0
x-dns-prefetch-control: off
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
surrogate-control: no-store
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
access-control-expose-headers: X-Auth, X-Auth-Refresh, X-Ping
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-headers: Set-Cookie, CSRF-Token, X-CSRF-Token
content-security-policy: img-src * data: blob: *.stripe.com; style-src 'self' 'unsafe-inline' blob: *.vimeocdn.com *.twitter.com *.s3-eu-west-1.amazonaws.com false fonts.googleapis.com *.cdn.unalike.net *.unalike.net *.cdn.unalike.xyz *.unalike.xyz; font-src * data:; object-src 'none'; worker-src 'self' blob:; frame-ancestors *.youtube.com youtube.com *.youtube-nocookie.com youtube-nocookie.com; base-uri 'none'; manifest-src 'self' *.s3-eu-west-1.amazonaws.com *.unalike.net unalike.net *.cdn.unalike.net *.unalike.xyz unalike.xyz *.cdn.unalike.xyz; form-action syndication.twitter.com *.unalike.net unalike.net *.unalike.xyz unalike.xyz; frame-src *.twitter.com *.youtube.com *.youtube-nocookie.com js.stripe.com hooks.stripe.com *.s3-eu-west-1.amazonaws.com player.vimeo.com fast.wistia.net false *.cdn.unalike.net *.unalike.net unalike.net *.cdn.unalike.xyz *.unalike.xyz unalike.xyz; child-src 'self' blob: www.youtube.com www.youtube-nocookie.com *.vimeo.com *.vimeocdn.com player.vimeo.com fast.wistia.net; media-src blob: data: *.s3-eu-west-1.amazonaws.com *.cdn.unalike.net *.cdn.unalike.xyz cdn.contentthat.com contentthat-development.s3.amazonaws.com contentthat.s3.amazonaws.com unalike-development.s3.amazonaws.com unalike.s3.amazonaws.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' platform.twitter.com js.stripe.com platform.twitter.com syndication.twitter.com cdn.syndication.twimg.com *.vimeo.com *.vimeocdn.com *.newrelic.com *.nr-data.net d1l6p2sc9645hc.cloudfront.net *.gosquared.com js.gs-chat.com *.s3-eu-west-1.amazonaws.com cdn.usefathom.com *.cdn.unalike.net *.unalike.net unalike.net *.cdn.unalike.xyz *.unalike.xyz unalike.xyz; connect-src 'self' cdn.contentthat.com data: blob: about: sentry.io api.stripe.com *.vimeo.com wss://gs-ws.com api.gosquared.com metrics.gs-chat.com gschat-uploads.s3-accelerate.amazonaws.com cdn.plyr.io *.s3-eu-west-1.amazonaws.com cdn.usefathom.com unalike.net *.unalike.net wss://unalike.net wss://www.unalike.net unalike.xyz *.unalike.xyz wss://unalike.xyz wss://www.unalike.xyz unalike.s3.amazonaws.com contentthat.s3.amazonaws.com contentthat.s3-accelerate.amazonaws.com unalike.s3.eu-west-1.amazonaws.com contentthat-development.s3.eu-west-1.amazonaws.com contentthat.s3.eu-west-1.amazonaws.com;
referrer-policy: same-origin
set-cookie: _csrf=4_O1DcayaIfUPl4I9tAndYKd; Domain=.unalike.xyz; Path=/; Secure; SameSite=Lax
set-cookie: XSRF-TOKEN=OFRgKZWQ-72RQwDfG_zuz_Yzu_6ih7p1eY3E; Domain=.unalike.xyz; Path=/; Secure; SameSite=Lax
vary: Accept-Encoding
|