Server | Apache/2.4.10 (Debian) |
X-Content-Type-Options | nosniff |
Content-Security-Policy-Report-Only | default-src data: *; script-src *.apis.google.com *.googleapis.com www.google-analytics.com https://www.google-analytics.com https://maps.google.com https://ssl.google-analytics.com https://twitter.com *.twitter.com *.twimg.com connect.facebook.net static.ak.fbcdn.net *.trustedshops.com *.zopim.com https://snapwidget.com snapwidget.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' *; img-src data: *; frame-ancestors 'self'; report-uri /enl/csp_report.jsp |
Cache-Control | no-cache, no-store, must-revalidate |
Pragma | no-cache |
Expires | Thu, 01 Jan 1970 00:00:00 GMT |
Vary | Accept-Encoding |
Content-Encoding | gzip |
Keep-Alive | timeout=5, max=100 |
Connection | Keep-Alive |
Content-Type | text/html;charset=iso-8859-15 |