X-WebKit-CSP: default-src 'self' 87.237.215.243 dns1.sentig.se *.google.com *.facebook.com *.googleapis.com *.jsdelivr.net; script-src 'self' *.jsdelivr.net *.google-analytics.com *.google.com *.facebook.com *.gstatic.com *.twitter.com *.youtube.com *.ytimg.com 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';img-src 'self' * ;frame-src * ;font-src * ; media-src 'self' *.gstatic.com ; object-src 'self' *.gstatic.com *.youtube.com ; connect-src 'self' *.gstatic.com *.youtube.com *.ytimg.com ; report-uri /tmp/ ;
Content-Security-Policy: default-src 'self' 87.237.215.243 dns1.sentig.se *.google.com *.facebook.com *.googleapis.com *.jsdelivr.net; script-src 'self' *.jsdelivr.net *.google-analytics.com *.google.com *.facebook.com *.gstatic.com *.twitter.com *.youtube.com *.ytimg.com 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';img-src 'self' * ;frame-src * ;font-src * ;media-src 'self' *.gstatic.com ; object-src 'self' *.gstatic.com *.youtube.com *.ytimg.com ; connect-src 'self' *.gstatic.com *.youtube.com *.ytimg.com ; report-uri /tmp/ ;
Expires: -1
Connection: close
Server: Apache
X-Frame-Options: sameorigin
X-Content-Security-Policy: default-src 'self' 87.237.215.243 dns1.sentig.se *.google.com *.facebook.com *.googleapis.com *.jsdelivr.net ; script-src 'self' *.jsdelivr.net *.google-analytics.com *.google.com *.facebook.com *.gstatic.com *.twitter.com *.youtube.com *.ytimg.com 'unsafe-inline' 'unsafe-eval' ;style-src * 'unsafe-inline' ;img-src 'self' * ;frame-src * ; font-src * ;media-src 'self' *.gstatic.com ; object-src 'self' *.gstatic.com ; connect-src 'self' *.gstatic.com *.youtube.com *.ytimg.com ; report-uri /tmp/ ;
HTTP/1.1 200 OK
Date: Wed, 18 Oct 2017 14:25:26 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains; preload
Content-Length: 1826
Last-Modified: Wed, 04 Jul 2012 09:22:33 GMT
X-XSS-Protection: 1; mode=block
Vary: Accept-Encoding
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only