Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com/ https://seal.websecurity.norton.com/ https://www.google.com/ https://www.google-analytics.com/ https://image.providesupport.com/ https://browser-update.org/ https://www.googleadservices.com/ https://ajax.googleapis.com/ https://apis.google.com/ https://cdnjs.cloudflare.com/ https://*.optimizely.com/ https://optimizely.s3.amazonaws.com/ https://script.crazyegg.com/ https://s3.amazonaws.com/ https://cdn3.optimizely.com/; img-src 'self' https://code.jquery.com/ https://seal.websecurity.norton.com/ data: https://chart.googleapis.com/ https://www.google-analytics.com/ https://image.providesupport.com/ https://stats.g.doubleclick.net/ http://stats.g.doubleclick.net/ https://ssl.gstatic.com/ https://s3.amazonaws.com/ https://*.optimizely.com/ https://www.google.com/ https://www.google.nl/; style-src 'self' 'unsafe-inline' https://code.jquery.com/ https://www.google.com/ https://ajax.googleapis.com/ https://maxcdn.bootstrapcdn.com/; font-src https://maxcdn.bootstrapcdn.com/ 'self'; frame-src https://www.youtube.com/ https://googleads.g.doubleclick.net/ https://www.google.com/ https://www.google.nl/ https://apis.google.com/ https://accounts.google.com/ https://*.optimizely.com/; object-src 'self'; connect-src 'self' https://*.optimizely.com/
X-XSS-Protection: 1; mode=block
Date: Mon, 22 May 2017 13:34:18 GMT
X-Frame-Options: SAMEORIGIN
Set-Cookie: app=22u4ighvj5aqg8ofo50fagvb97; path=/; domain=www.goldrepublic.de; secure; HttpOnly
Content-Type: text/html; charset=utf-8
Server: nginx
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Set-Cookie: GR_LOCALE=pnone%3BOGQyODFlNzNkNjQ4MjBlODM5MmEzOWQ0YmYwNGZhNGEyN2JlNTk3Zg%3D%3D; expires=Sun, 31-May-2037 22:00:00 GMT; Max-Age=631959942; path=/; domain=.goldrepublic.de; secure; httponly
Pragma: no-cache
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive