Server | nginx |
Content-Type | text/html; charset=UTF-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Vary | Accept-Encoding, Cookie |
Last-Modified | Sat, 04 Feb 2017 12:31:55 GMT |
Cache-Control | max-age=360, must-revalidate |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Content-Security-Policy | default-src https: wss: data: self 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline' data:; font-src https: data: ; |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
Content-Encoding | gzip |