X-Content-Security-Policy: default-src 'self' https://chat.shellfire.de https://www.google.de https://maps.google.com https://googleads.g.doubleclick.net https://connect.facebook.net https://www.google.com https://www.googleadservices.com https://www.youtube.com https://*.gstatic.com https://*.googleapis.com https://*.facebook.net https://www.google-analytics.com https://ssl.google-analytics.com https://*.facebook.com https://web.facebook.com https://www.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://chat.shellfire.de https://www.google.com https://maps.google.com https://www.google.net https://connect.facebook.net https://www.google.com https://www.google.net https://www.googleadservices.com https://www.youtube.com https://*.gstatic.com https://*.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://*.facebook.com https://web.facebook.com https://www.googletagmanager.com https://static.ads-twitter.com https://analytics.twitter.com https://tagmanager.google.com ; style-src 'self' 'unsafe-inline' https://*.googleapis.com https://*.facebook.net https://tagmanager.google.com ; img-src data: * ;
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=ub9bltkl3da6kbd1or5dfmes72; path=/
Content-Length: 31573
Server: Apache
X-Content-Type-Options: nosniff
X-Mod-Pagespeed: 1.11.33.5-0
HTTP/1.1 200 OK
Date: Sun, 09 Apr 2017 22:59:28 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ub9bltkl3da6kbd1or5dfmes72; path=/
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Public-Key-Pins: pin-sha256="uPYG7OynVri090t8pohZLdLE6BoCT/fJ7mc+ETHHS90="; pin-sha256="oLCdiLHYYtfxd6oVa8mSdw6iBF5HA4fvy406lLbTCEs="; pin-sha256="LMR47iT0Ms7grWl3WcG3uSftsqB25LnG3B5AwtNFNwU="; max-age=10
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=0, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Content-Language: de
Content-Security-Policy: default-src 'self' https://chat.shellfire.de https://www.google.de https://maps.google.com https://googleads.g.doubleclick.net https://connect.facebook.net https://www.google.com https://www.googleadservices.com https://www.youtube.com https://*.gstatic.com https://*.googleapis.com https://*.facebook.net https://www.google-analytics.com https://ssl.google-analytics.com https://*.facebook.com https://web.facebook.com https://www.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://chat.shellfire.de https://www.google.com https://maps.google.com https://www.google.net https://connect.facebook.net https://www.google.com https://www.google.net https://www.googleadservices.com https://www.youtube.com https://*.gstatic.com https://*.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://*.facebook.com https://web.facebook.com https://www.googletagmanager.com https://static.ads-twitter.com https://analytics.twitter.com https://tagmanager.google.com ; style-src 'self' 'unsafe-inline' https://*.googleapis.com https://*.facebook.net https://tagmanager.google.com ; img-src data: * ;
X-WebKit-CSP: default-src 'self' https://chat.shellfire.de https://www.google.de https://maps.google.com https://googleads.g.doubleclick.net https://connect.facebook.net https://www.google.com https://www.googleadservices.com https://www.youtube.com https://*.gstatic.com https://*.googleapis.com https://*.facebook.net https://www.google-analytics.com https://ssl.google-analytics.com https://*.facebook.com https://web.facebook.com https://www.google.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://chat.shellfire.de https://www.google.com https://maps.google.com https://www.google.net https://connect.facebook.net https://www.google.com https://www.google.net https://www.googleadservices.com https://www.youtube.com https://*.gstatic.com https://*.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://*.facebook.com https://web.facebook.com https://www.googletagmanager.com https://static.ads-twitter.com https://analytics.twitter.com https://tagmanager.google.com ; style-src 'self' 'unsafe-inline' https://*.googleapis.com https://*.facebook.net https://tagmanager.google.com ; img-src data: * ;