Server | nginx |
Content-Type | text/html; charset=UTF-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Vary | Accept-Encoding |
Cache-Control | no-cache, private |
Content-Security-Policy | script-src 'unsafe-inline' https: 'nonce-diPewBg/eVUaLBmECAu7+vsfGxQ=' 'strict-dynamic'; object-src 'none'; base-uri 'none'; |
X-Content-Security-Policy | script-src 'unsafe-inline' https: 'nonce-diPewBg/eVUaLBmECAu7+vsfGxQ=' 'strict-dynamic'; object-src 'none'; base-uri 'none'; |
X-CSP-Nonce | diPewBg/eVUaLBmECAu7+vsfGxQ= |
X-OneAgent-JS-Injection | true |
X-ruxit-JS-Agent | true |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Frame-Options | DENY |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1; mode=block |
Referrer-Policy | strict-origin-when-cross-origin |
Expect-CT | max-age=3600 |
Content-Encoding | gzip |