HTTP Headers report for uniklinikum-dresden.de

Header Name	Header Data
HTTP status code	200
Content-Security-Policy	default-src 'none'; script-src https: 'unsafe-inline' 'unsafe-eval' 'self' uniklinikum-dresden.de youtube.com; connect-src 'self' cgcweb.med.tu-dresden.de; img-src https: 'self' uniklinikum-dresden.de data:; style-src 'unsafe-inline' 'self' uniklinikum-dresden.de; font-src 'unsafe-inline' 'self' https://www.uniklinikum-dresden.de data: uniklinikum-dresden.de; frame-src 'self' www.youtube.com cgcweb.med.tu-dresden.de ukd-navigator.de secure.fundraisingbox.com em.altruja.de altruja.de ukdd.de www.ukdd.de www.youtube-nocookie.com; media-src 'self' data: uniklinikum-dresden.de; object-src 'self';
Date	Sat, 19 Apr 2025 14:55:04 GMT
Server	Apache
X-Cacheable	NO - Set Cookie
Accept-Ranges	bytes
X-Frame-Options	ALLOW-FROM https://ixserv.med.tu-dresden.de/
Vary	Accept-Encoding
X-Varnish	6334454
Grace
X-Cache	MISS
X-Content-Type-Options	nosniff
Set-Cookie	I18N_LANGUAGE="de"; Path=/;HttpOnly;Secure
X-Tile-Url	https://www.uniklinikum-dresden.de/de/willkommen-im-universitaetsklinikum-carl-gustav-carus-dresden/@@ukd.covertiles.richtext/c6111051-8cc7-4468-b3be-b342d26dd1ff
Content-Language	de
Expires	Sat, 01 Jan 2000 00:00:00 GMT
Content-Type	text/html;charset=utf-8
X-Backend	client3
Age	0
Via	1.1 varnish (Varnish/7.1)
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

About the tool

By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.

This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.

We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.

Watch it now at TrustRadar