Date: Sun, 29 Nov 2020 06:38:28 GMT
Server: Server
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Referrer-Policy: same-origin
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
Access-Control-Allow-Methods: POST, GET
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; connect-src 'self'; img-src 'self' data: 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' data:
Content-Security-Policy: default-src *; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Last-Modified: Thu, 03 Nov 2016 11:55:07 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Pragma: no-cache
Expires: 0
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
x-encoded-content-encoding: gzip
x-encoded-content-length: 144
|