Cache-Control | no-cache, no-store, must-revalidate |
Pragma | no-cache |
Transfer-Encoding | chunked |
Content-Type | text/html; charset=utf-8 |
Content-Encoding | deflate |
Expires | -1 |
Vary | Accept-Encoding |
Server | Microsoft-IIS/8.5 |
X-UA-Compatible | IE=Edge |
X-AspNet-Version | 4.0.30319 |
X-Powered-By | ASP.NET |
X-XSS-Protection | 1; mode=block |
Content-Security-Policy | default-src 'self'; img-src * data:; media-src * blob:; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval' blob:; font-src * data:; frame-src *; connect-src * |
Strict-Transport-Security | max-age=157680000 |
X-Frame-Options | SAMEORIGIN, SAMEORIGIN, SAMEORIGIN |
X-Content-Type-Options | nosniff, nosniff |
Public-Key-Pins | pin-sha256="Lr/20+FES0d43hF/F80hiqMGCRs28/K1fD4GE4pxv1I="; pin-sha256="du6FkDdMcVQ3u8prumAo6t3i3G27uMP2EOhR8R0at/U="; pin-sha256="980Ionqp3wkYtN9SZVgMzuWQzJta1nfxNPwTem1X0uc="; max-age=2592000; includeSubDomains |