Server | nginx/1.6.2 |
Content-Type | text/html;charset=UTF-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
X-XSS-Protection | 1; mode=block |
Cache-Control | no-cache, no-store, max-age=0, must-revalidate |
Pragma | no-cache |
Expires | 0 |
Content-Language | en-US |
Strict-Transport-Security | max-age=31536000; |
X-Frame-Options | DENY, DENY |
X-Content-Type-Options | nosniff, nosniff |
Content-Security-Policy-Report-Only | default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report |