Server | nginx |
Content-Type | text/html; charset=utf-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Vary | Accept-Encoding |
Strict-Transport-Security | max-age=31536000 |
X-Frame-Options | deny |
X-Content-Type-Options | nosniff |
Content-Security-Policy | default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https:; img-src 'self' https: http: data:; style-src 'unsafe-inline' https:; child-src https:; connect-src 'self' https: wss://*.duoshuo.com:*; font-src https:; |
Public-Key-Pins | pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="IiSbZ4pMDEyXvtl7Lg8K3FNmJcTAhKUTrB2FQOaAO/s="; pin-sha256="ELaoZg6JkSInELBlz5pqy/4JobLWGrsC0OXAhqypqQI="; max-age=604800; |
Cache-Control | no-cache |
Content-Encoding | gzip |