Server | Apache |
X-Frame-Options | DENY |
X-XSS-Protection | 1; mode=block |
X-Content-Type-Options | nosniff |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Permitted-Cross-Domain-Policies | master-only |
Referrer-Policy | no-referrer |
public-key-pins | pin-sha256="zMBvIpRwqFvgHrYn54ijPENNk9z8Uk72QFF5KWIvO2Q="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; max-age=2592000; includeSubDomains |
Vary | Accept-Encoding,User-Agent |
Content-Encoding | gzip |
Connection | keep-alive, close |
Keep-Alive | timeout=100,max=500 |
Cache-Control | private, no-cache, no-store, proxy-revalidate, no-transform |
Pragma | no-cache |
Content-Type | text/html; charset=UTF-8 |