Medihead.de summary

Connection: keep-alive Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Vary: Accept-Encoding Strict-Transport-Security: max-age=31536000 HTTP/1.1 200 OK Date: Thu, 01 Mar 2018 17:03:50 GMT Server: nginx/1.13.8 Content-Security-Policy: default-src https://js.intercomcdn.com/ 'self'; img-src * 'self' https://s3.eu-central-1.amazonaws.com/medihead/ https://res.cloudinary.com/dy9qjcyej/ https://www.google.com/ https://www.google.de/ https://googleads.g.doubleclick.net/ https://www.google-analytics.com/ data:; script-src 'self' 'unsafe-inline' data: https://widget.intercom.io https://js.intercomcdn.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js https://www.googleadservices.com/ http://www.google-analytics.com/ https://www.google-analytics.com/ https://maps.googleapis.com/ https://www.youtube.com/iframe_api http://www.youtube.com/iframe_api https://s.ytimg.com/yts/jsbin/ http://s.ytimg.com/yts/jsbin/ https://static.doubleclick.net/ https://googleads.g.doubleclick.net/ 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/ http://fonts.googleapis.com/; font-src data: https://js.intercomcdn.com/ https://fonts.gstatic.com/ http://fonts.gstatic.com/ https://sxt.cdn.skype.com/assets/fonts/; connect-src 'self' https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://api-iam.intercom.io https://maps.googleapis.com/ https://apm-engine.mobilehead.de/ https://apm-engine.mobilehead.de/errors/ https://www.facebook.com/ wss://medihead.de/ ws://medihead.de/ wss://medihead.de/ ws://medihead.de/ https://api.cloudinary.com/; manifest-src 'self'; frame-src gsa://onpageload https://bid.g.doubleclick.net/ http://www.youtube.com/ https://www.youtube.com/;