Content-Security-Policy | default-src 'self'; img-src 'self' http://*.glueckstag.de https://*.glueckstag.de https://ssl.gstatic.com https://gkl.d3.sc.omtrdc.net/ https://ad.doubleclick.net/ https://*.tradetracker.net/ https://*.zanox.de/ https://*.affilinet.net/ https://partners.webmasterplan.com/; style-src 'self' 'unsafe-inline'; media-src 'self' http://*.glueckstag.de https://*.glueckstag.de http://*.cloudfront.net https://*.cloudfront.net; script-src 'self' https://www.google.com/recaptcha/ https://apis.google.com https://www.gstatic.com/recaptcha/ https://dpm.demdex.net/ https://*.sc.omtrdc.net/; frame-src 'self' http://*.glueckstag.de https://*.glueckstag.de https://www.google.com/recaptcha/ https://5433859.fls.doubleclick.net; child-src 'self' http://*.glueckstag.de https://*.glueckstag.de https://www.google.com/recaptcha/ https://5433859.fls.doubleclick.net; report-uri /debug/csp/report |
X-UA-Compatible | IE=edge,chrome=1 |
Cache-Control | no-cache, no-store, max-age=0, must-revalidate |
Pragma | no-cache |
Expires | 0 |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1; mode=block |
X-Frame-Options | DENY |
Strict-Transport-Security | max-age=10886400; includeSubDomains |
Content-Type | text/html;charset=UTF-8 |
Content-Language | de-DE |
Vary | Accept-Encoding |
Content-Encoding | gzip |
Keep-Alive | timeout=5, max=100 |
Connection | Keep-Alive |