Server | Apache |
Cache-Control | private, must-revalidate |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1; mode=block |
X-Frame-Options | SAMEORIGIN |
ETag | |
X-Powered-By | |
Content-Security-Policy | base-uri https://kiez-kino.de ; default-src https://kiez-kino.de *.facebook.com *.addthis.com *.youtube.com *.gstatic.com *.google.com *.googleapis.com; script-src https://kiez-kino.de *.gstatic.com *.facebook.com *.facebook.net *.addthis.com *.addthisedge.com *.youtube.com *.googleapis.com *.google.com 'unsafe-inline' 'unsafe-eval'; style-src https://kiez-kino.de *.googleapis.com 'unsafe-inline' |
Referrer-Policy | origin-when-cross-origin |
Strict-Transport-Security | max-age=3000000 |
Upgrade | h2,h2c |
Connection | keep-alive, Keep-Alive, Upgrade |
Vary | Accept-Encoding |
Content-Encoding | gzip |
Keep-Alive | timeout=2, max=1000 |
Transfer-Encoding | chunked |
Content-Type | text/html; charset=UTF-8 |