Server | nginx |
Content-Type | text/html; charset=UTF-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Keep-Alive | timeout=20 |
X-Frame-Options | DENY |
X-XSS-Protection | 1; mode=block |
X-Content-Type-Options | nosniff |
Strict-Transport-Security | max-age=31536000 |
Content-Security-Policy | script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com www.google-analytics.com connect.facebook.net s7.addthis.com *.quantserve.com *.quantcount.com thebuildcard.com https:; |
X-Content-Security-Policy | script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com www.google-analytics.com connect.facebook.net s7.addthis.com *.quantserve.com *.quantcount.com thebuildcard.com https:; |
X-WebKit-CSP | script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com www.google-analytics.com connect.facebook.net s7.addthis.com *.quantserve.com *.quantcount.com thebuildcard.com https:; |
Referrer-Policy | no-referrer-when-downgrade |
Public-Key-Pins | pin-sha256="7g4W1Qq178iewf8+Z7sa+F9m3FZ+BSG2Nt1TwTyG4PA="; pin-sha256="ZX5IEMIUuZ0bHTKbJUXXhAj89aated6/PlFeZIj6g8k="; pin-sha256="swYGVOvU1DMb1H5LAo7nf2vHFk1PKL45a6WAqlFXDEs="; pin-sha256="+oiXP/0gXOOjURtYFavH6RJtiv2rZU1To8gh/Ty8EV8="; max-age=2592000; includeSubDomains; |
X-Cacheable | SHORT |
Vary | Accept-Encoding,Cookie |
Cache-Control | max-age=600, must-revalidate |
X-Cache | MISS |
X-Pass-Why | |
X-Cache-Group | normal |
X-Type | default |
Content-Encoding | gzip |