Cache-Control | max-age=0, private, must-revalidate |
Content-Encoding | gzip |
Content-Security-Policy | default-src *; connect-src 'self' https: http: wss:; font-src 'self' data: https: http:; img-src 'self' data: https: http:; object-src 'none'; script-src 'self''unsafe-inline' 'unsafe-eval' https: http: data:; style-src 'self' 'unsafe-inline' https: http: |
Content-Type | text/html; charset=utf-8 |
ETag | W/"3717bb66ecea4352b03054c5e90763c7" |
Server | nginx |
Strict-Transport-Security | max-age=604800, max-age=15768000; includeSubDomains; preload |
Vary | Accept-Encoding |
X-Content-Type-Options | nosniff |
X-Download-Options | noopen |
X-Frame-Options | sameorigin |
X-Permitted-Cross-Domain-Policies | none |
X-Request-Id | cc234c9c-9f10-4e8d-bac5-f3b008435cb9 |
X-Runtime | 1.818414 |
X-UA-Compatible | IE=edge |
X-XSS-Protection | 1; mode=block |
transfer-encoding | chunked |
Connection | keep-alive |