| Server | Apache |
| X-Powered-By | PHP/7.2.2 |
| x-cache-handler | php |
| Strict-Transport-Security | max-age=31536000; includeSubdomains; preload |
| X-Xss-Protection | 1; mode=block |
| Content-Security-Policy | default-src www.arminwolf.at *.arminwolf.at *.orf.at *.youtube.com *.vimeo.com *.facebook.com platform.twitter.com *.twitter.com *.twimg.com *.googleapis.com *.facebook.net *.gstatic.com *.google.com *.wp.com maxcdn.bootstrapcdn.com cdn.jsdelivr.net *.soundcloud.com soundcloud.com *.scribd.com *.slideshare.net *.speakerdeck.com *.tumblr.com *.instagram.com *.flickr.com code.jquery.com uebermedien.de data: 'unsafe-inline' 'unsafe-eval'; img-src * data:; font-src * data:; report-uri https://www.arminwolf.at/wp-content/tools/csp-violation-report-endpoint/ |
| Upgrade | h2 |
| Connection | Upgrade, Keep-Alive |
| Vary | Accept-Encoding |
| Content-Encoding | gzip |
| X-Content-Type-Options | nosniff, nosniff |
| X-Frame-Options | sameorigin |
| Referrer-Policy | no-referrer-when-downgrade |
| Keep-Alive | timeout=5, max=500 |
| Transfer-Encoding | chunked |
| Content-Type | text/html; charset=UTF-8 |