Server | Apache |
X-Frame-Options | SAMEORIGIN |
x-content-type-options | nosniff |
x-xss-protection | 1; mode=block |
content-security-policy | default-src 'self' *.bmf.gv.at; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.bmf.gv.at static.etracker.com code.etracker.com www.etracker.de; img-src 'self' www.etracker.de; connect-src 'self' www.etracker.de wss://www.usp.gv.at |
x-content-security-policy | default-src 'self' *.bmf.gv.at; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.bmf.gv.at static.etracker.com code.etracker.com www.etracker.de; img-src 'self' www.etracker.de; connect-src 'self' www.etracker.de wss://www.usp.gv.at |
Cache-Control | no-cache, no-store, must-revalidate, proxy-revalidate |
Vary | Accept-Encoding |
Content-Encoding | gzip |
Strict-Transport-Security | max-age=16070400; includeSubDomains |
Keep-Alive | timeout=5, max=99 |
Connection | Keep-Alive |
Transfer-Encoding | chunked |
Content-Type | text/html;charset=UTF-8 |