Server | Apache |
X-Content-Type-Options | nosniff |
Strict-Transport-Security | max-age=31536000;includeSubDomains;preload |
x-frame-options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Referrer-Policy | same-origin |
Public-Key-Pins | max-age=604800;pin-sha256="ZYjRupbfSkiNeYZZOhWDWZ8T/i/qMuDyE3maGfe3C0E=";pin-sha256="uugd10jY5NQoJ6iQnKCMq0A2UNkAmLHyIa4rLCi65nQ=";pin-sha256="G0ZWo/Z9LqjVU9Ktggd2I0Z8Ld9Dh8n4O6QsIcgebng=";pin-sha256="Dei2TY0IxtFYW6NiCJyW/OuWOIpdqS7gqPDYS2qfjQA=" |
Content-Security-Policy | default-src 'none';script-src 'self' cdn2.http2.pro www.google-analytics.com;style-src 'self' cdn2.http2.pro;img-src 'self' cdn2.http2.pro www.google-analytics.com;connect-src 'self';form-action 'self';upgrade-insecure-requests;manifest-src 'self'; |
Upgrade | h2 |
Connection | Upgrade, Keep-Alive |
Cache-Control | max-age=1800 |
Expires | Sat, 23 Sep 2017 12:13:45 GMT |
Vary | Accept-Encoding |
Content-Encoding | gzip |
Keep-Alive | timeout=45, max=250 |
Content-Type | text/html; charset=UTF-8 |