Server | Apache |
Content-Security-Policy | default-src 'none';img-src 'self';style-src 'self';report-uri /c/ |
X-XSS-Protection | 1; mode=block |
X-Frame-Options | ALLOW |
Strict-Transport-Security | max-age=31536000;includeSubDomains;preload |
Public-Key-Pins | max-age=31536000;pin-sha256="HD3EpAqgxJWKGiSuuXPyipmL33IwYlwhLUgF1gKYOuc=";pin-sha256="dwUkkREEnv6pEtNJoRzlBHJm3IlUvPhgy0mdYFOM6V8=";includeSubDomains;report-uri="https://int21.de/hpkp.php" |
X-Content-Type-Options | nosniff |
Vary | Accept-Encoding,User-Agent |
Content-Encoding | gzip |
Keep-Alive | timeout=5, max=100 |
Connection | Keep-Alive |
Content-Type | text/html; charset=UTF-8 |