Server | Apache |
X-Frame-Options | SAMEORIGIN |
X-Content-Type-Options | nosniff |
X-Permitted-Cross-Domain-Policies | none |
X-XSS-Protection | 1; mode=block |
Content-Security-Policy | default-src 'self' fonts.googleapis.com fonts.gstatic.com www.google-analytics.com; form-action 'self'; frame-ancestors 'none'; report-uri https://violations.report-uri.io/r/default/csp/enforce |
Upgrade | h2,h2c |
Connection | Upgrade, Keep-Alive |
Last-Modified | Thu, 22 Feb 2018 19:34:29 GMT |
ETag | "1ec9-565d221e3b378-gzip" |
Accept-Ranges | bytes |
Cache-Control | max-age=0 |
Expires | Sun, 25 Feb 2018 01:12:19 GMT |
Vary | Accept-Encoding |
Content-Encoding | gzip |
Keep-Alive | timeout=2, max=500 |
Content-Type | text/html |