Server | Apache |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
Content-Security-Policy | default-src https: data: 'unsafe-inline' 'unsafe-eval' |
Public-Key-Pins | pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000 |
X-Xss-Protection | 1; mode=block |
Cache-Control | no-cache, max-age=0 |
Vary | Accept-Encoding,User-Agent |
Content-Encoding | gzip |
Expires | Mon, 20 Jun 2016 12:21:19 GMT |
X-Content-Type-Options | nosniff |
X-Frame-Options | sameorigin |
Keep-Alive | timeout=5, max=99 |
Connection | Keep-Alive |
Content-Type | text/html; charset=UTF-8 |