Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-Z002ZzVRT0V0SmhTdEpsSTU5T1NZbURrcXNYb0tCeTVVVkhTZGMvTHJKdz06c0tUU2xGTFV3c3dBM3FzWnI1L2tPay9SeVlMYlduSFRLQjIyRElhajNxOD0='; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *; object-src 'none'; base-uri 'self';
Set-Cookie: __Host-nc_sameSiteCookiestrict=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict
X-Powered-By: PHP/7.1.13
X-Robots-Tag: none
Content-Type: text/html; charset=UTF-8
Set-Cookie: oc8wrngwdd9h=4c57bb2b20095c11c5f2a59748962ada; path=/; HttpOnly
Connection: close
X-Content-Type-Options: nosniff
Set-Cookie: __Host-nc_sameSiteCookielax=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax
Server: Apache/2.4.28 (Unix) OpenSSL/1.0.2g
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Expires: Thu, 19 Nov 1981 08:52:00 GMT
HTTP/1.1 400 Bad Request
Date: Tue, 06 Feb 2018 16:37:17 GMT
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Set-Cookie: oc_sessionPassphrase=KnzgQzpmPJdpunIZJPYzWOu25%2Fuw0cjzo5eFweg0UmvzxbnKfTHlqx3MzDFCfpEQdxgVBowHwQMgvO7OzlLUzPRPxvlZZIaINMkMPJiVS1NgxqMhANJvj%2F9RVm8ZUJ2K; path=/; secure; HttpOnly
Strict-Transport-Security: max-age=63072000; includeSubdomains
Pragma: no-cache
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN