Server | nginx |
Content-Type | text/html; charset=utf-8 |
Last-Modified | Mon, 08 Jan 2018 16:07:50 GMT |
Transfer-Encoding | chunked |
Connection | keep-alive |
Vary | Accept-Encoding |
ETag | W/"5a539756-457d" |
Cache-Control | no-cache |
X-UA-Compatible | IE=Edge |
Referrer-Policy | origin-when-cross-origin |
X-Frame-Options | SAMEORIGIN |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1; mode=block |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
Public-Key-Pins | pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="sRHdihwgkaib1P1gxX8HFszlD+7/gTfNvuAybgLPNis="; max-age=2592000; includeSubDomains |
Content-Security-Policy | upgrade-insecure-requests; default-src 'none'; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https:; object-src 'self' https:; style-src 'self' data: 'unsafe-inline' https:; img-src 'self' data: https:; media-src 'self' data: https; frame-src 'self' https:; font-src 'self' data: https:; connect-src 'self' https: |
Content-Encoding | gzip |