Server | Apache |
X-Xss-Protection | 1; mode=block |
Referrer-Policy | strict-origin-when-cross-origin |
Strict-Transport-Security | max-age=16000000; includeSubDomains; preload |
Content-Security-Policy | default-src 'none'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' static.nikrou.net photos.nikrou.net; upgrade-insecure-requests; form-action 'self'; frame-ancestors 'none'; connect-src 'self' www.nikrou.net ; report-uri https://nikrou.report-uri.io/r/default/csp/reportOnly |
Last-Modified | Thu, 01 Mar 2018 09:06:45 GMT |
Cache-Control | must-revalidate, max-age=0 |
Pragma | |
X-Frame-Options | deny |
ETag | "2bf6cfba57e5fe1510bcb0b6c0a41dcb-gzip" |
Vary | Accept-Encoding |
Content-Encoding | gzip |
X-Content-Type-Options | nosniff |
Keep-Alive | timeout=5, max=100 |
Connection | Keep-Alive |
Content-Type | text/html; charset=UTF-8 |