X-XSS-Protection: 1; mode=block
Date: Fri, 28 Apr 2017 18:33:43 GMT
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.twitter.com *.google.com *.gstatic.com *.google-analytics.com; style-src 'self' 'unsafe-inline' *.myfonts.net *.googleapis.com; img-src 'self' *.boplatssyd.se *.momentum.se *.googleapis.com *.gstatic.com *.google-analytics.com *.google.com; media-src 'self' *.boplatssyd.se; frame-src 'self' *.malmo.se; font-src 'self' *.myfonts.net *.gstatic.com; connect-src 'self' *.googleapis.com; report-uri /admin/config/system/seckit/csp-report
Last-Modified: Fri, 28 Apr 2017 18:31:10 GMT
X-Frame-Options: SameOrigin
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.twitter.com *.google.com *.gstatic.com *.google-analytics.com; style-src 'self' 'unsafe-inline' *.myfonts.net *.googleapis.com; img-src 'self' *.boplatssyd.se *.momentum.se *.googleapis.com *.gstatic.com *.google-analytics.com *.google.com; media-src 'self' *.boplatssyd.se; frame-src 'self' *.malmo.se; font-src 'self' *.myfonts.net *.gstatic.com; connect-src 'self' *.googleapis.com; report-uri /admin/config/system/seckit/csp-report
Expires: Sun, 19 Nov 1978 05:00:00 GMT
X-Drupal-Cache: HIT
HTTP/1.0 200 OK
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.twitter.com *.google.com *.gstatic.com *.google-analytics.com; style-src 'self' 'unsafe-inline' *.myfonts.net *.googleapis.com; img-src 'self' *.boplatssyd.se *.momentum.se *.googleapis.com *.gstatic.com *.google-analytics.com *.google.com; media-src 'self' *.boplatssyd.se; frame-src 'self' *.malmo.se; font-src 'self' *.myfonts.net *.gstatic.com; connect-src 'self' *.googleapis.com; report-uri /admin/config/system/seckit/csp-report
Link: <https://www.boplatssyd.se/>; rel="canonical",<https://www.boplatssyd.se/>; rel="shortlink"
Cache-Control: public, max-age=600
Etag: "1493404270-0"
Content-Language: sv
X-Content-Type-Options: nosniff
Vary: Cookie,Accept-Encoding
X-Generator: Drupal 7 (http://drupal.org)
Content-Type: text/html; charset=utf-8