Server | Apache |
Vary | User-Agent,Accept-Encoding |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-XSS-Protection | 1 |
ETag | "9dbc2eda-gzip" |
Strict-Transport-Security | max-age=31536000 |
Content-Security-Policy | default-src https: 'self'; font-src 'self' data:; script-src https: 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.google-analytics.com; style-src https: 'self' 'unsafe-inline' *.google.com; img-src * 'self' data: https:; frame-src 'self' *.google.com cdn.unblu.com *.netcetera.ch *.netcetera.biz; connect-src https: 'self' |
Content-Encoding | gzip |
Keep-Alive | timeout=10, max=498 |
Connection | Keep-Alive |
Transfer-Encoding | chunked |
Content-Type | text/html; charset=UTF-8 |