Server | nginx |
Content-Type | text/html; charset=UTF-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Expires | Sun, 18 Mar 2018 18:53:54 GMT |
Pragma | no-cache |
Vary | Accept-Encoding, User-Agent |
Expect-CT | enforce; max-age=3600 |
X-Cache | BYPASS |
X-Frame-Options | SAMEORIGIN |
Cache-Control | max-age=2592000, public |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1; mode=block |
referrer-policy | strict-origin-when-cross-origin |
Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |
Access-Control-Allow-Origin | * |
Content-Security-Policy | default-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-ancestors 'self'; upgrade-insecure-requests; form-action 'self'; block-all-mixed-content; object-src 'none' |
Content-Encoding | gzip |