Server | nginx |
Content-Type | text/html; charset=utf-8 |
Connection | keep-alive |
Vary | Accept-Encoding,Host |
Content-Language | de |
Access-Control-Allow-Origin | "*" |
Access-Control-Request-Method | GET, POST, OPTIONS |
Access-Control-Allow-Credentials | true |
Content-Encoding | gzip |
Strict-Transport-Security | max-age=63072000; includeSubdomains; preload |
Public-Key-Pins | pin-sha256="f0Q5EysF3yAhgmgvxXb66p61Xydx60Wk+gHD82HeZMk="; pin-sha256="CgOi6wxlH6M2fyOsJB/pvGnJhi5MtwNxgrx1zHcmtZo="; max-age=5184000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1; mode=block |