Server | nginx/1.12.1 (Ubuntu) |
Content-Type | text/html |
Last-Modified | Wed, 03 Jan 2018 01:54:59 GMT |
Transfer-Encoding | chunked |
Connection | keep-alive |
ETag | W/"5a4c37f3-1f15" |
Content-Security-Policy | default-src 'none'; connect-src https://www.zachaysan.com; script-src 'self'; img-src 'self'; style-src 'self'; font-src 'self'; frame-src 'self'; object-src 'none'; base-uri 'self'; frame-ancestors 'self' *.example.com; report-uri https://zachaysan.report-uri.io/r/default/csp/enforce ; |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1; mode=block |
X-Frame-Options | DENY |
Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |
Public-Key-Pins | pin-sha256="nypb14JBkVToakpf8xAXQtdP8jEtdApG2U+Z9B157kQ="; pin-sha256="wiZASNQS7/fWVNpLpreOdX0cyBCVfUwKc589SeGN1cU="; pin-sha256="lCppFqbkrlJ3EcVFAkeip0+44VaoJUymbnOaEUk7tEU="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; max-age=2592002; includeSubDomains; report-uri="https://zachaysan.report-uri.io/r/default/hpkp/enforce" |
Referrer-Policy | same-origin |
Content-Encoding | gzip |