Content-Type: text/html; charset="UTF-8"
X-Content-Type-Options: nosniff
Expires: Sat, 04 Nov 2017 06:45:47 GMT
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
X-Xss-Protection: 1; mode=block
Server: Apache/2.4
Upgrade: h2,h2c
HTTP/1.1 200 OK
Connection: Upgrade
X-Webkit-CSP: default-src 'self' 'unsafe-inline' http: https: data: *.googleapis.com *.gstatic.com *.google.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.gravatar.com *.facebook.com *.twitter.com *.youtube.com *.w.org *.wordpress.org *.jsdelivr.net *.api.mailchimp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.googleapis.com *.jsdelivr.net; report-uri https://www.digital-liberal.ch/cspsettings/;
Strict-Transport-Security: max-age=10886400
Date: Thu, 05 Oct 2017 06:45:47 GMT
Content-Security-Policy: default-src 'self' 'unsafe-inline' http: https: data: *.googleapis.com *.gstatic.com *.google.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.gravatar.com *.facebook.com *.twitter.com *.youtube.com *.w.org *.wordpress.org *.jsdelivr.net *.api.mailchimp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.google.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.jsdelivr.net; report-uri https://www.digital-liberal.ch/cspsettings/;
Vary: Cookie,Accept-Encoding
Cache-Control: max-age=2592000