x-dns-prefetch-control | on |
access-control-allow-methods | GET,POST |
access-control-allow-headers | Content-Type, Authorization |
content-security-policy | upgrade-insecure-requests; |
cross-origin-embedder-policy | unsafe-none; report-to='default' |
cross-origin-embedder-policy-report-only | unsafe-none; report-to='default' |
cross-origin-opener-policy | unsafe-none |
cross-origin-opener-policy-report-only | unsafe-none; report-to='default' |
cross-origin-resource-policy | cross-origin |
permissions-policy | accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(self), encrypted-media=(), fullscreen=*, geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=(), gamepad=(), serial=() |
referrer-policy | strict-origin-when-cross-origin |
strict-transport-security | max-age=31536000; includeSubDomains |
x-content-security-policy | default-src 'self'; img-src *; media-src * data:; |
x-content-type-options | nosniff |
x-frame-options | SAMEORIGIN |
x-xss-protection | 1; mode=block |
x-permitted-cross-domain-policies | none |
x-litespeed-tag | 6a4_HTTP.200,6a4_front,6a4_URL.6666cd76f96956469e7be39d750cc7d9,6a4_F,6a4_Po.2169,6a4_PGS,6a4_guest,6a4_,6a4_MIN.05a9548992ff6c8c3af1977db3072498.css,6a4_MIN.f3c64ff3fdac18f65d35b4120298db3d.js |
vary | Accept-Encoding |
content-encoding | gzip |
content-length | 8824 |
content-type | text/html; charset=UTF-8 |
date | Tue, 28 Nov 2023 23:46:16 GMT |
server | Apache/2.4.56 (Debian) |
statuscode | 200 |
http_version | HTTP/2 |
(Nice to have)