Content-Security-Policy: default-src 'none'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' http://*.googleapis.com https://*.googleapis.com http://*.google.com http://*.gstatic.com https://www.google-analytics.com http://www.google-analytics.com http://*.iubenda.com http://*.bootstrapcdn.com; style-src * 'self' 'unsafe-inline' http://*.iubenda.com https://*.iubenda.com http://*.bootstrapcdn.com http://*.googleapis.com https://*.google.com http://*.gstatic.com; img-src * 'self' data: blob:; font-src * 'self' http://*.gstatic.com https://*.gstatic.com; connect-src * 'self' http://*.iubenda.com; frame-src * 'self' http://*.iubenda.com http://static.ak.facebook.com https://static.ak.facebook.com https://*.google.com http://*.gstatic.com; child-src * 'self' http://*.iubenda.com http://static.ak.facebook.com https://static.ak.facebook.com http://*.google.com https://*.google.com; object-src 'self'; reflected-xss https://*.google.com http://*.gstatic.com; referrer https://*.google.com http://*.gstatic.com; report-uri https://report-uri.io/report/ac3d791a5d61e37b132fd3a2ce266f4f;
Set-Cookie: 300gpBAK=R4178757645; path=/; expires=Wed, 28-Jun-2017 14:24:39 GMT
Cache-Control: max-age=0, no-transform
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=edge
X-CDN-Pop-IP: 51.254.41.192/26
Accept-Ranges: bytes
HTTP/1.1 200 OK
X-Cacheable: Cacheable
Set-Cookie: Onekor6=it; expires=Thu, 28-Jun-2018 13:25:49 GMT; Max-Age=31536000; path=/; domain=onekor.it
X-IPLB-Instance: 968
Date: Wed, 28 Jun 2017 13:25:49 GMT
Expires: Wed, 28 Jun 2017 13:25:49 GMT
Content-Type: text/html; charset=UTF-8
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-CDN-Pop: rbx1
Set-Cookie: 300gpD=R437801991; path=/; max-age=900
Vary: Accept-Encoding
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked