Server | nginx |
Content-Type | text/html; charset=utf-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
X-ob_mode | 1 |
X-Frame-Options | DENY |
Content-Security-Policy | default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;;style-src 'self' 'unsafe-inline' ;img-src 'self' data: ; |
X-Content-Security-Policy | default-src 'self' ;options inline-script eval-script;img-src 'self' data: ; |
X-WebKit-CSP | default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline' ;img-src 'self' data: ; |
Expires | Wed, 06 Jul 2016 13:29:45 +0000 |
Cache-Control | no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0 |
Pragma | no-cache |
Last-Modified | Wed, 06 Jul 2016 13:29:45 +0000 |
Content-Encoding | gzip |
Vary | Accept-Encoding |
Strict-Transport-Security | max-age=31536000; includeSubDomains |