| Server | nginx |
| Content-Type | text/html; charset=utf-8 |
| Transfer-Encoding | chunked |
| Connection | keep-alive |
| Content-Language | de |
| Vary | Accept-Encoding, , Accept-Language, Cookie |
| Strict-Transport-Security | max-age=15768000 |
| X-Frame-Options | SAMEORIGIN |
| X-Content-Type-Options | nosniff |
| X-XSS-Protection | 1; mode=block |
| Content-Security-Policy | default-src 'self'; img-src * 'self' data:; connect-src 'self' https://api.netze-bw.de https://sentry.msnode.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.netze-bw.de https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com https://cdn.polyfill.io https://www.google.com https://csi.gstatic.com https://www.google-analytics.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://cdn.netze-bw.de https://nd-styles-test.azureedge.net https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com; font-src 'self' https://cdn.netze-bw.de https://nd-styles-test.azureedge.net https://maxcdn.bootstrapcdn.com https://fonts.gstatic.com; frame-src 'self' https://www.youtube.com; object-src 'none' |
| X-Page-Speed | May the force be with you! |
| Cache-Control | max-age=0, no-cache |
| Content-Encoding | gzip |