Access-Control-Allow-Credentials | true |
Access-Control-Allow-Headers | X-Requested-With,Content-Disposition,Content-Type,Content-Description,Content-Range,X-CSRF-Token,Authorization |
Access-Control-Allow-Methods | HEAD, GET, POST, PUT, DELETE, OPTIONS |
Access-Control-Allow-Origin | 1scope.com |
Content-Encoding | gzip |
Content-Security-Policy | object-src 'none'; base-uri 'none'; |
Content-Type | text/html; charset=utf-8 |
ETag | W/"13917-tFwVg9npve67bNMqnWLRTyfunzs" |
Server | nginx/1.10.3 |
set-cookie | _1scope_sess=s%3AAdJcTvS9hgniQWpqKsQAVJn2VWFcVEr9.GA0wxqKDkcmzXjESSxax4J2J3YSPlTrUw9jy6P%2Fq5ng; Path=/; Expires=Fri, 23 Mar 2018 12:58:14 GMT; HttpOnly; Secure |
Strict-Transport-Security | max-age=10886400; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-XSS-Protection | 1; mode=block |
Connection | keep-alive |