Server | nginx/1.13.9 |
Content-Type | text/html; charset=UTF-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
X-Powered-By | PHP/5.6.33 |
Access-Control-Allow-Origin | * |
Access-Control-Allow-Methods | GET, POST, PATCH, PUT, DELETE, OPTIONS |
Access-Control-Allow-Headers | Origin, Content-Type, X-Auth-Token |
Cache-Control | no-cache |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
Referrer-Policy | origin-when-cross-origin |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Content-Security-Policy | default-src https: data:; style-src https: http://fonts.googleapis.com http://fonts.google.com 'self' 'unsafe-inline'; script-src https: 'self' 'unsafe-inline' 'unsafe-eval'; img-src https: 'self' data: 'unsafe-inline' |
Content-Encoding | gzip |