Server | Apache |
X-Powered-By | PHP/7.2.2 |
x-cache-handler | php |
Strict-Transport-Security | max-age=31536000; includeSubdomains; preload |
X-Xss-Protection | 1; mode=block |
Content-Security-Policy | default-src www.arminwolf.at *.arminwolf.at *.orf.at *.youtube.com *.vimeo.com *.facebook.com platform.twitter.com *.twitter.com *.twimg.com *.googleapis.com *.facebook.net *.gstatic.com *.google.com *.wp.com maxcdn.bootstrapcdn.com cdn.jsdelivr.net *.soundcloud.com soundcloud.com *.scribd.com *.slideshare.net *.speakerdeck.com *.tumblr.com *.instagram.com *.flickr.com code.jquery.com uebermedien.de data: 'unsafe-inline' 'unsafe-eval'; img-src * data:; font-src * data:; report-uri https://www.arminwolf.at/wp-content/tools/csp-violation-report-endpoint/ |
Upgrade | h2 |
Connection | Upgrade, Keep-Alive |
Vary | Accept-Encoding |
Content-Encoding | gzip |
X-Content-Type-Options | nosniff, nosniff |
X-Frame-Options | sameorigin |
Referrer-Policy | no-referrer-when-downgrade |
Keep-Alive | timeout=5, max=500 |
Transfer-Encoding | chunked |
Content-Type | text/html; charset=UTF-8 |