Strict-Transport-Security: max-age=15768000
Content-Type: text/html; charset=utf-8
X-HHV-Instance: 127
X-Runtime: 0.045027
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger Enterprise 5.0.28
Set-Cookie: _session_id=dFRQZFVwaTRSNGNGYnIyKzhMT3htRU05dXpRaUdrRmFxRjg5YXFKalNMN25pSVd4ZTVsRUpxNEVlQTJVZTdlOVNuZUVnUmI5V1ZYSVVyMURhdlNyY0hXQXVVRmJSVlpXK2xscUJybU90QlRDYVVuWVlwTGRhUkREV0dyMDNucDJ1eThySzJrMENDMjdaazl1TTY2ZlVBPT0tLWpYeVdtaUJRRzJhdHhFRXNRcG8wekE9PQ%3D%3D--ae8815030c4fc4f231a8ca90206a5f520f50d056; path=/; secure; HttpOnly
Date: Thu, 11 May 2017 23:00:26 GMT
Content-Length: 20697
X-XSS-Protection: 1; mode=block
Set-Cookie: hhv_session_id=WEo4ZUpUL0g4TmpJYlBYSytzeVlYTDhsNzlGc2dXYldMR1ZKVUQyNG5XTT0tLUdxMENOQWJNbi9XTFh0Wmd5M0w3TlE9PQ%3D%3D--3383880074b1cf663c71543c9bfa6959ea3a6320; path=/; expires=Mon, 11 May 2037 23:00:26 -0000; secure; HttpOnly
HTTP/1.1 200 OK
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: 01897bef-1489-41a7-a52d-12200aae9da7
X-Frame-Options: SAMEORIGIN
Expires: Thu, 11 May 2017 23:00:26 GMT
Vary: Accept-Encoding
Content-Security-Policy: child-src 'self' api.zanox.ws:* bid.g.doubleclick.net:* dis.eu.criteo.com:* static.addtoany.com:* static.criteo.net:* staticxx.facebook.com:* web.facebook.com:* www.facebook.com:* www.youtube.com:*; connect-src 'self' api.trustedshops.com:* bam.nr-data.net:* sandbox.paypal.com:* widgets.trustedshops.com:* www.adblockanalytics.com:* www.google-analytics.com:* www.paypal.com:* recommender.scarabresearch.com:*; default-src 'none'; font-src 'self' fonts.gstatic.com:* widgets.trustedshops.com:*; img-src 'self' data: *.ggpht.com:* *.googleapis.com:* *.hhv.de:* assets.pinterest.com:* bam.nr-data.net:* csi.gstatic.com:* googleads.g.doubleclick.net:* maps.gstatic.com:* rd.connexity.net:* stats.g.doubleclick.net:* web.facebook.com:* widgets.trustedshops.com:* www.bizrate.com:* www.facebook.com:* www.google.com:* www.google.de:* www.google.fr:* www.google.ie:* www.google-analytics.com:* www.googleadservices.com:* www.pixi.eu:* www1.belboon.de:*; media-src 'self' assets.hhv.de:* cdn.hhv.de:*; object-src 'self' www1.belboon.de:*; script-src 'self' 'unsafe-eval' 'unsafe-inline' ad.zanox.com:* api.zanox.com:* assets.pinterest.com:* bam.nr-data.net:* cdn.scarabresearch.com:* connect.facebook.net:* js-agent.newrelic.com:* log.pinterest.com:* maps.googleapis.com:* recommender.scarabresearch.com:* sslwidget.criteo.com:* static.addtoany.com:* static.criteo.net:* static.zanox.com:* track.webgains.com:* widgets.trustedshops.com:* www.adblockanalytics.com:* www.google-analytics.com:* www.googleadservices.com:* www1.belboon.de:*; style-src 'self' 'unsafe-inline' fonts.googleapis.com:* static.addtoany.com:* widgets.trustedshops.com:*; frame-src 'self' api.zanox.ws:* bid.g.doubleclick.net:* dis.eu.criteo.com:* static.addtoany.com:* static.criteo.net:* staticxx.facebook.com:* web.facebook.com:* www.facebook.com:* www.youtube.com:*
Status: 200 OK
Server: Apache/2.2.16 (Debian)
X-Rack-Cache: miss
Cache-Control: max-age=0, public