Server | nginx/1.9.6 |
Content-Type | text/html; charset=UTF-8 |
Last-Modified | Mon, 26 Oct 2015 05:06:30 GMT |
Transfer-Encoding | chunked |
Connection | keep-alive |
Vary | Accept-Encoding |
Expires | Sat, 19 Dec 2015 16:35:40 GMT |
Cache-Control | max-age=3888000, public |
Strict-Transport-Security | max-age=315360000; includeSubDomains; preload |
x-dns-prefetch-control | on |
Timing-Allow-Origin | * |
X-Frame-Options | SAMEORIGIN |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1; mode=block |
X-Permitted-Cross-Domain-Policies | none |
Access-Control-Allow-Origin | * |
Access-Control-Max-Age | 1728000 |
Content-Security-Policy | default-src https:; img-src data: https:; style-src 'unsafe-eval' 'unsafe-inline' https:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' https:; referrer no-referrer; reflected-xss block; |
X-Meta | This HTTP response is now DIAMONDS |
X-NSA-DNT | DEST USA |
Content-Encoding | gzip |