Content-Type | text/html; charset=utf-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Content-Encoding | gzip |
Content-Security-Policy | child-src 'self'; connect-src 'self' ws: https://*.cloudinary.com http://*.cloudinary.com https://deepimpact.eu.auth0.com/ https://amag-dev.eu.auth0.com/ https://amag-prod.eu.auth0.com http://*.hotjar.com https://*.hotjar.com; default-src 'self'; img-src 'self' blob: data: https://*.googleapis.com https://*.google.com https://*.gstatic.com https://www.googletagmanager.com www.google-analytics.com stats.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net https://*.googleusercontent.com https://*.cloudinary.com http://*.cloudinary.com; font-src 'self' data: https://*.googleapis.com https://*.google.com https://*.gstatic.com https://www.googletagmanager.com www.google-analytics.com stats.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net https://*.googleusercontent.com; object-src https://*.cloudinary.com http://*.cloudinary.com; media-src https://*.cloudinary.com http://*.cloudinary.com; script-src 'self' 'nonce-c1074a70-31ba-4197-bcf0-2f8a466adfbd' 'unsafe-inline' https://*.googleapis.com https://*.google.com https://*.gstatic.com https://www.googletagmanager.com www.google-analytics.com stats.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net https://*.googleusercontent.com https://app-lon05.marketo.com http://*.hotjar.com https://*.hotjar.com https://www.autoscout24.ch; style-src 'self' 'unsafe-inline' blob: https://*.googleapis.com https://*.google.com https://*.gstatic.com https://www.googletagmanager.com www.google-analytics.com stats.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net https://*.googleusercontent.com https://app-lon05.marketo.com; frame-src 'self' https://www.google.com https://www.youtube.com http://www.autoscout24.ch http://www.autolina.ch https://www.autolina.ch vtp.dasweltauto.ch https://plan.soft-nrg.com https://app-lon05.marketo.com http://*.hotjar.com https://*.hotjar.com |
ETag | W/"46205-bLYsRtlcPctxPyNe4jaSVw" |
Strict-Transport-Security | max-age=63072000; includeSubdomains; |
Vary | Accept-Encoding |
X-Content-Type-Options | nosniff |
X-Download-Options | noopen |
X-Frame-Options | SAMEORIGIN |
X-Powered-By | Express |
X-XSS-Protection | 1; mode=block |