Server | nginx |
Content-Type | text/html; charset=utf-8 |
Connection | keep-alive |
X-Drupal-Cache | HIT |
Etag | "1518070127-1" |
Content-Security-Policy-Report-Only | default-src 'self' 'unsafe-inline' 'unsafe-eval' mobiliar.rokka.io *.googleadservices.com *.googlesyndication.com mobiliar.jacando.jobs *.cod02.u5e.com cod02.u5e.com *.mimo-app.ch *.mobi-online.ch mobi-chat.ch *.letsfaildance.ch *.mobiliar.ch *.mobiliere.ch *.mobiliare.ch mimo-mobi-ch.herokuapp.com *.prospective.ch *.mobi-check-hochwasserschutz.whatwedo.io *.simplex.tv *.google.com *.youtube.com *.youtu.be *.wemakeit.com *.googletagmanager.com *.visualwebsiteoptimizer.com *.google-analytics.com *.pingdom.net *.adform.net *.doubleclick.net cdnjs.cloudflare.com themes.googleusercontent.com *.googleapis.com *.googleapis.net www.googleadservices.com *.google.ch *.gstatic.com *.upstream-media.ch gsa://onpageload mobi.zeilenwerk.ch data evenito.com clients1.google.com; img-src 'self' mobiliar.rokka.io dev.visualwebsiteoptimizer.com *.google-analytics.com *.doubleclick.net *.pingdom.net *.google.ch *.gstatic.com; report-uri /admin/config/system/seckit/csp-report |
X-Content-Security-Policy-Report-Only | default-src 'self' 'unsafe-inline' 'unsafe-eval' mobiliar.rokka.io *.googleadservices.com *.googlesyndication.com mobiliar.jacando.jobs *.cod02.u5e.com cod02.u5e.com *.mimo-app.ch *.mobi-online.ch mobi-chat.ch *.letsfaildance.ch *.mobiliar.ch *.mobiliere.ch *.mobiliare.ch mimo-mobi-ch.herokuapp.com *.prospective.ch *.mobi-check-hochwasserschutz.whatwedo.io *.simplex.tv *.google.com *.youtube.com *.youtu.be *.wemakeit.com *.googletagmanager.com *.visualwebsiteoptimizer.com *.google-analytics.com *.pingdom.net *.adform.net *.doubleclick.net cdnjs.cloudflare.com themes.googleusercontent.com *.googleapis.com *.googleapis.net www.googleadservices.com *.google.ch *.gstatic.com *.upstream-media.ch gsa://onpageload mobi.zeilenwerk.ch data evenito.com clients1.google.com; img-src 'self' mobiliar.rokka.io dev.visualwebsiteoptimizer.com *.google-analytics.com *.doubleclick.net *.pingdom.net *.google.ch *.gstatic.com; report-uri /admin/config/system/seckit/csp-report |
X-WebKit-CSP-Report-Only | default-src 'self' 'unsafe-inline' 'unsafe-eval' mobiliar.rokka.io *.googleadservices.com *.googlesyndication.com mobiliar.jacando.jobs *.cod02.u5e.com cod02.u5e.com *.mimo-app.ch *.mobi-online.ch mobi-chat.ch *.letsfaildance.ch *.mobiliar.ch *.mobiliere.ch *.mobiliare.ch mimo-mobi-ch.herokuapp.com *.prospective.ch *.mobi-check-hochwasserschutz.whatwedo.io *.simplex.tv *.google.com *.youtube.com *.youtu.be *.wemakeit.com *.googletagmanager.com *.visualwebsiteoptimizer.com *.google-analytics.com *.pingdom.net *.adform.net *.doubleclick.net cdnjs.cloudflare.com themes.googleusercontent.com *.googleapis.com *.googleapis.net www.googleadservices.com *.google.ch *.gstatic.com *.upstream-media.ch gsa://onpageload mobi.zeilenwerk.ch data evenito.com clients1.google.com; img-src 'self' mobiliar.rokka.io dev.visualwebsiteoptimizer.com *.google-analytics.com *.doubleclick.net *.pingdom.net *.google.ch *.gstatic.com; report-uri /admin/config/system/seckit/csp-report |
X-XSS-Protection | 1; mode=block |
X-Content-Type-Options | nosniff |
X-Frame-Options | SameOrigin |
Strict-Transport-Security | max-age=15768000; includeSubDomains |
Content-Language | it |
X-UA-Compatible | IE=edge,chrome=1 |
X-Generator | Drupal 7 (http://drupal.org) |
Cache-Control | public, max-age=900 |
Last-Modified | Thu, 08 Feb 2018 06:08:47 GMT |
Expires | Sun, 19 Nov 1978 05:00:00 GMT |
Content-Encoding | gzip |
Vary | Cookie,Accept-Encoding, X-Forwarded-Proto |
Accept-Ranges | bytes |
X-Varnish | 414478739 414472818 |
Age | 877 |
Via | 1.1 varnish |
X-Varnish-Cache | HIT |