Server | Apache/2.4.6 (Red Hat) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.21 mod_python/3.5.0- Python/2.7.5 |
X-Powered-By | PHP/5.5.21 |
Expires | Thu, 19 Nov 1981 08:52:00 GMT |
Pragma | no-cache |
X-Frame-Options | SAMEORIGIN |
X-WebKit-CSP | default-src 'self' geocoder.adviceplatform.it *.google-analytics.com *.facebook.com *.facebook.net *.ak.facebook.com *.googleapis.com *.gstatic.com *.youtube.com *.googlevideo.com *.ytimg.com fonts.googleapis.com fonts.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' geocoder.adviceplatform.it *.google-analytics.com *.facebook.com *.facebook.net *.ak.facebook.com *.googleapis.com *.gstatic.com *.youtube.com *.googlevideo.com *.ytimg.com 'unsafe-inline' 'unsafe-eval' https://www.youtube.com/iframe_api https://s.ytimg.com/yts/jsbin/; frame-src 'self' https://www.youtube.com/embed/ http://*.prosurvey.it; img-src 'self' *.google-analytics.com *.facebook.com *.facebook.net *.ak.facebook.com data:; reflected-xss block; report-uri /_/security-reports/violation; |
X-Content-Security-Policy | default-src 'self' geocoder.adviceplatform.it *.google-analytics.com *.facebook.com *.facebook.net *.ak.facebook.com *.googleapis.com *.gstatic.com *.youtube.com *.googlevideo.com *.ytimg.com fonts.googleapis.com fonts.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' geocoder.adviceplatform.it *.google-analytics.com *.facebook.com *.facebook.net *.ak.facebook.com *.googleapis.com *.gstatic.com *.youtube.com *.googlevideo.com *.ytimg.com 'unsafe-inline' 'unsafe-eval' https://www.youtube.com/iframe_api https://s.ytimg.com/yts/jsbin/; frame-src 'self' https://www.youtube.com/embed/ http://*.prosurvey.it; img-src 'self' *.google-analytics.com *.facebook.com *.facebook.net *.ak.facebook.com data:; reflected-xss block; report-uri /_/security-reports/violation; |
Content-Security-Policy | default-src 'self' geocoder.adviceplatform.it *.google-analytics.com *.facebook.com *.facebook.net *.ak.facebook.com *.googleapis.com *.gstatic.com *.youtube.com *.googlevideo.com *.ytimg.com fonts.googleapis.com fonts.gstatic.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' geocoder.adviceplatform.it *.google-analytics.com *.facebook.com *.facebook.net *.ak.facebook.com *.googleapis.com *.gstatic.com *.youtube.com *.googlevideo.com *.ytimg.com 'unsafe-inline' 'unsafe-eval' https://www.youtube.com/iframe_api https://s.ytimg.com/yts/jsbin/; frame-src 'self' https://www.youtube.com/embed/ http://*.prosurvey.it; img-src 'self' *.google-analytics.com *.facebook.com *.facebook.net *.ak.facebook.com data:; reflected-xss block; report-uri /_/security-reports/violation; |
Vary | Accept-Encoding |
Content-Encoding | gzip |
cache-control | no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public |
Keep-Alive | timeout=5, max=100 |
Connection | Keep-Alive |
Content-Type | text/html; charset=UTF-8 |