X-XSS-Protection: 1; mode=block
Vary: Accept-Encoding
Pragma: no-cache
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Connection: keep-alive
Date: Wed, 17 May 2017 15:11:27 GMT
Set-Cookie: paratlan=r8kd876p9ls9ir0rpeol34rtg7; path=/; domain=.paratlan.hu; HttpOnly
HTTP/1.1 200 OK
Expires: Thu, 1 Jan 1970 01:00:00 GMT
Content-Security-Policy: default-src 'self' *.facebook.com *.doubleclick.net *.googlesyndication.com *.youtube.com *.braintreegateway.com *.paypal.com *.paypalobjects.com *.gstatic.com *.google.com; child-src 'self' *.braintreegateway.com *.paypal.com *.facebook.com *.doubleclick.net *.youtube.com *.google.com; font-src 'self' fiilrcdn.com *.gstatic.com; object-src 'self' *.googlesyndication.com; img-src 'self' fiilrcdn.com www.google-analytics.com *.googlesyndication.com *.doubleclick.net *.facebook.com *.braintreegateway.com *.paypal.com *.paypalobjects.com http://web.micropay.hu *.ytimg.com *.gstatic.com *.googleapis.com *.fbcdn.net android-webview data:; connect-src 'self' *.braintreegateway.com *.paypal.com *.paypalobjects.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fiilrcdn.com *.facebook.com *.facebook.net www.google-analytics.com *.googlesyndication.com *.doubleclick.net *.gstatic.com *.googleapis.com *.braintreegateway.com *.paypal.com *.paypalobjects.com *.google.com *.youtube.com *.ytimg.com; style-src 'self' 'unsafe-inline' fiilrcdn.com *.googleapis.com; report-uri https://paratlan.hu/csp_report.php;
Last-Modified: Wed, 17 May 2017 15:11:27 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=0