Content-Type | text/html;charset=UTF-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
X-Application-Context | cara:prod:9000 |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1; mode=block |
Cache-Control | no-cache, no-store, max-age=0, must-revalidate |
Pragma | no-cache |
Expires | 0 |
Content-Security-Policy | default-src 'self' data: blob:;report-uri https://tipp24.report-uri.io/r/default/csp/enforce;script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' http://*.adform.net *.adform.net *.cloudfront.net *.criteo.com *.criteo.net *.doubleclick.net *.getsentry.com *.google.com *.google-analytics.com *.googleadservices.com *.googleapis.com *.googletagmanager.com *.globalsign.com *.gstatic.com *.hotjar.com cdn.jsdelivr.net *.maxymiser.net *.mxpnl.com *.optimizely.com *.sovendus.com *.tipp24.com *.tipp24.ie *.tipp24.net *.m6r.eu *.getmdl.io *.cloudflare.com *.facebook.net *.usabilla.com ;frame-src 'self' https: *.adform.net dis.eu.criteo.com *.google.com *.netkauf.de api.sovendus.com *.optimizely.com ;child-src 'self' https: *.adform.net dis.eu.criteo.com *.google.com *.netkauf.de api.sovendus.com *.optimizely.com ;style-src data: 'unsafe-inline' 'self' *.adform.net *.cloudflare.net *.cloudfront.net *.google.com *.googleapis.com *.gstatic.com *.optimizely.com *.getmdl.io; font-src data: *.googleapis.com *.gstatic.com ; img-src * 'self' data: blob: ;connect-src * 'self' *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.hotjar.com *.getsentry.com *.sentry.io *.criteo.net *.optimizely.com *.adform.net *.facebook.net *.usabilla.com ; |
Content-Language | en-IE |
Vary | Accept-Encoding |
Strict-Transport-Security | max-age=5184000; |
Server | cloudflare-nginx |
CF-RAY | 36f551577e483fd1-YUL |
Content-Encoding | gzip |