Content-Type | text/html; charset=utf-8 |
Content-Encoding | gzip |
Content-Language | en |
Vary | Accept-Encoding |
Server | Microsoft-IIS/7.5 |
X-Powered-By | PHP/7.0.9 |
OFF_X-Xss-Protection | 1; mode=block |
OFF_X-Frame-Options | SAMEORIGIN |
Access-Control-Allow-Headers | Accept,Content-Type,X-Requested-With,x-fancybox |
Access-Control-Allow-Methods | POST,GET,OPTIONS |
Access-Control-Allow-Origin | * |
OFF_Content-Security-Policy | default-src 'self' dwl.dawconnect.com; img-src 'self' img5.bestservice.de video5.bestservice.de connect.ekomi.de www.google-analytics.com; media-src audio5.bestservice.de video5.bestservice.de videom5.bestservice.de 'self' *.bestservice.de; script-src 'self' www.google-analytics.com connect.ekomi.de www.googleadservices.com p.jwpcdn.com dwl.dawconnect.com 'unsafe-inline' 'unsafe-eval'; child-src 'self' googleads.g.doubleclick.net www.google.com www.google.de; font-src 'self' fonts.gstatic.com; style-src 'self' fonts.googleapis.com 'unsafe-inline'; object-src 'self' |
OFF_X-Webkit-CSP | allow 'self'; img-src 'self' img5.bestservice.de connect.ekomi.de; media-src audio5.bestservice.de video5.bestservice.de videom5.bestservice.de 'self' *.bestservice.de; script-src 'self' www.google-analytics.com connect.ekomi.de www.googleadservices.com p.jwpcdn.com dwl.dawconnect.com 'unsafe-inline'; frame-src 'self' googleads.g.doubleclick.net; font-src 'self' fonts.gstatic.com; style-src 'self' fonts.googleapis.com; object-src 'self' |
OFF_X-Content-Security-Policy | allow 'self' dwl.dawconnect.com ; img-src 'self' img5.bestservice.de connect.ekomi.de; media-src audio5.bestservice.de video5.bestservice.de videom5.bestservice.de 'self' *.bestservice.de; script-src 'self' www.google-analytics.com connect.ekomi.de www.googleadservices.com p.jwpcdn.com 'unsafe-inline'; frame-src 'self' googleads.g.doubleclick.net; font-src 'self' fonts.gstatic.com; style-src 'self' fonts.googleapis.com; object-src 'self' |