X-XSS-Protection | 1 |
Content-Security-Policy | script-src 'self' 'unsafe-inline' 'unsafe-eval' * |
X-Content-Security-Policy | script-src 'self' 'unsafe-inline' 'unsafe-eval' * |
X-Frame-Options | SAMEORIGIN |
Strict-Transport-Security | max-age=31536000; includeSubDomains; |
X-Content-Type-Options | nosniff |
Cache-Control | no-cache, no-store, must-revalidate, private |
Pragma | no-cache |
Expires | 0 |
Vary | Accept-Encoding |
Content-Encoding | gzip |
Server-Node | ${HOSTNAME} |
Content-Type | text/html; charset=UTF-8 |
X-Cache | HIT |
Connection | keep-alive |
Accept-Ranges | bytes |