Server | nginx |
Content-Type | text/html; charset=utf-8 |
Transfer-Encoding | chunked |
Vary | Accept-Encoding |
ETag | W/"60102c50c60d7d9b865245aa42ceea5f" |
Cache-Control | max-age=0, private, must-revalidate |
X-Request-Id | b6cffbe7-a2a1-40c5-b47e-43478ceb06e9 |
Content-Security-Policy | default-src http: 'self' data:; base-uri 'self'; child-src *; connect-src *; img-src 'self' data: *.credit-agricole.it staticstag.agricole.sdchlab.develon.com *.ubiest.com *.ekomi.de *.google.com *.googletagmanager.com *.facebook.com *.google-analytics.com *.doubleclick.net *.cloudfront.net *.mouseflow.com *.amazonaws.com; object-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' data: connect.ekomi.de www.google.com www.gstatic.com www.googletagmanager.com tagmanager.google.com maps.ubiest.com code.jquery.com *.googleapis.com *.google-analytics.com *.facebook.net *.doubleclick.net *.cloudfront.net *.mouseflow.com; style-src 'unsafe-inline' 'self' fonts.googleapis.com |
Referrer-Policy | origin-when-cross-origin |
X-Content-Type-Options | nosniff |
X-Download-Options | noopen |
X-Frame-Options | SAMEORIGIN |
X-Permitted-Cross-Domain-Policies | none |
X-XSS-Protection | 0 |
Content-Encoding | gzip |