Server | nginx |
Content-Type | text/html; charset=utf-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Vary | Accept-Encoding |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Frame-Options | deny |
X-Content-Type-Options | nosniff |
Cache-Control | no-cache |
Public-Key-Pins | pin-sha256="aef6IF2UF6jNEwA2pNmP7kpgT6NFSdt7Tqf5HzaIGWI="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Fbs+o+IxVNTHBpjNQYfX/TBnxPC+OWLYxQLEtqkrAfM="; max-age=2592000; includeSubDomains |
Content-Security-Policy | default-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' blob: https:; img-src data: https:; style-src 'unsafe-inline' https:; child-src https:; connect-src 'self' https://links.services.disqus.com; font-src https:; frame-src https://disqus.com; |
Content-Encoding | gzip |