Server | Apache |
X-Frame-Options | SAMEORIGIN |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
Content-Security-Policy | default-src data: 'self' ciphron.de *.ciphron.de cloudflare.com *.cloudflare.com google.com *.google.com googleapis.com *.googleapis.com gstatic.com *.gstatic.com google-analytics.com *.google-analytics.com stats.g.doubleclick.net *.stats.g.doubleclick.net; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' ciphron.de *.ciphron.de cloudflare.com *.cloudflare.com google.com *.google.com googleapis.com *.googleapis.com gstatic.com *.gstatic.com google-analytics.com *.google-analytics.com stats.g.doubleclick.net *.stats.g.doubleclick.net; object-src data: 'self' ciphron.de *.ciphron.de cloudflare.com *.cloudflare.com google.com *.google.com googleapis.com *.googleapis.com gstatic.com *.gstatic.com google-analytics.com *.google-analytics.com stats.g.doubleclick.net *.stats.g.doubleclick.net; style-src data: 'self' 'unsafe-inline' ciphron.de *.ciphron.de cloudflare.com *.cloudflare.com google.com *.google.com googleapis.com *.googleapis.com gstatic.com *.gstatic.com google-analytics.com *.google-analytics.com stats.g.doubleclick.net *.stats.g.doubleclick.net; img-src data: 'self' ciphron.de *.ciphron.de cloudflare.com *.cloudflare.com google.com *.google.com googleapis.com *.googleapis.com gstatic.com *.gstatic.com google-analytics.com *.google-analytics.com stats.g.doubleclick.net *.stats.g.doubleclick.net; media-src data: 'self' ciphron.de *.ciphron.de cloudflare.com *.cloudflare.com google.com *.google.com googleapis.com *.googleapis.com gstatic.com *.gstatic.com google-analytics.com *.google-analytics.com stats.g.doubleclick.net *.stats.g.doubleclick.net; child-src data: 'self' ciphron.de *.ciphron.de cloudflare.com *.cloudflare.com google.com *.google.com googleapis.com *.googleapis.com gstatic.com *.gstatic.com google-analytics.com *.google-analytics.com stats.g.doubleclick.net *.stats.g.doubleclick.net; font-src data: 'self' ciphron.de *.ciphron.de cloudflare.com *.cloudflare.com google.com *.google.com googleapis.com *.googleapis.com gstatic.com *.gstatic.com google-analytics.com *.google-analytics.com stats.g.doubleclick.net *.stats.g.doubleclick.net; connect-src data: 'self' ciphron.de *.ciphron.de cloudflare.com *.cloudflare.com google.com *.google.com googleapis.com *.googleapis.com gstatic.com *.gstatic.com google-analytics.com *.google-analytics.com stats.g.doubleclick.net *.stats.g.doubleclick.net; form-action 'self' ciphron.de *.ciphron.de cloudflare.com *.cloudflare.com google.com *.google.com googleapis.com *.googleapis.com gstatic.com *.gstatic.com google-analytics.com *.google-analytics.com stats.g.doubleclick.net *.stats.g.doubleclick.net |
x-xss-protection | 1; mode=block |
X-Content-Type-Options | nosniff |
Vary | Accept-Encoding |
Content-Encoding | gzip |
Cache-Control | no-cache, max-age=2592000 |
Expires | Sun, 04 Mar 2018 08:26:04 GMT |
Keep-Alive | timeout=5, max=100 |
Connection | Keep-Alive |
Transfer-Encoding | chunked |
Content-Type | text/html; charset=UTF-8 |