Server | nginx |
Content-Type | text/html; charset=UTF-8 |
Connection | keep-alive |
Vary | Accept-Encoding |
Content-Encoding | gzip |
Strict-Transport-Security | max-age=31536000; includeSubdomains; preload |
Public-Key-Pins | pin-sha256="h6801m+z8v3zbgkRHpq6L29Esgfzhj89C1SyUCOQmqU="; pin-sha256="C5+lpZ7tcVwmwQIMcRtPbsQtWLABXhQzejna0wHFr8M="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="6X0iNAQtPIjXKEVcqZBwyMcRwq1yW60549axatu3oDE="; pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="hKt/n8XrJnP3czMTKgZLx5NhiiXfYrdLodt3B3OSBA4="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="sRHdihwgkaib1P1gxX8HFszlD+7/gTfNvuAybgLPNis="; max-age=2592000; includeSubdomains; report-uri="https://tit-cdn.de/hpkp-report/" |
Referrer-Policy | strict-origin-when-cross-origin |
X-Frame-Options | SAMEORIGIN |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1; mode=block |
Content-Security-Policy-Report-Only | default-src 'self'; img-src * data:; script-src 'self' https://cdn0.tit-cdn.de 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://cdn1.tit-cdn.de; font-src 'self' https://cdn0.tit-cdn.de; style-src 'self' https://cdn0.tit-cdn.de 'unsafe-inline'; report-uri https://tit-cdn.de/csp-report/ |
Cache-Control | no-cache, no-store, must-revalidate |
Pragma | no-cache |
Expires | -1 |