Content-Length: 52309
X-Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' *.surrey.ac.uk:* hello.myfonts.net *.cloudfront.net *.surrey.ac.uk www.googletagmanager.com *.sharethis.com *.raxcdn.com *.amazonaws.com www.google-analytics.com js.bizographics.com www.youtube.com stats.g.doubleclick.net s.ytimg.com *.linkedin.com storify.com www.google.com *.bizographics.com pbs.twimg.com www.google.co.uk www.qzzr.com surrey.funnelback.co.uk *.seatadvisor.com connect.facebook.net *.licdn.com ws.sessioncam.com *.googleapis.com widget.unistats.ac.uk *.gstatic.com *.facebook.com *.twitter.com *.twimg.com *.click4assistance.co.uk *.instagram.com www.googleadservices.com *.doubleclick.net *.blackbaudhosting.com; report-uri /admin/config/system/seckit/csp-report
X-Drupal-Cache: MISS
X-UA-Compatible: IE=Edge
X-Frame-Options: SameOrigin
Last-Modified: Wed, 10 May 2017 04:31:02 GMT
Via: 1.1 varnish-v4
Age: 938
X-WebKit-CSP: default-src 'self' 'unsafe-eval' 'unsafe-inline' *.surrey.ac.uk:* hello.myfonts.net *.cloudfront.net *.surrey.ac.uk www.googletagmanager.com *.sharethis.com *.raxcdn.com *.amazonaws.com www.google-analytics.com js.bizographics.com www.youtube.com stats.g.doubleclick.net s.ytimg.com *.linkedin.com storify.com www.google.com *.bizographics.com pbs.twimg.com www.google.co.uk www.qzzr.com surrey.funnelback.co.uk *.seatadvisor.com connect.facebook.net *.licdn.com ws.sessioncam.com *.googleapis.com widget.unistats.ac.uk *.gstatic.com *.facebook.com *.twitter.com *.twimg.com *.click4assistance.co.uk *.instagram.com www.googleadservices.com *.doubleclick.net *.blackbaudhosting.com; report-uri /admin/config/system/seckit/csp-report
X-Request-ID: v-793ef276-3539-11e7-8202-22000a4d1994
Link: <https://www.surrey.ac.uk/>; rel="canonical",<https://www.surrey.ac.uk/>; rel="shortlink"
X-Varnish: 620234 1553108
Cache-Control: public, max-age=21600
Content-Language: en
From-Origin: same
Vary: Cookie,Accept-Encoding
ETag: W/"1494390662-1"
Content-Type: text/html; charset=utf-8
X-AH-Environment: prod
X-XSS-Protection: 1; mode=block
X-Cache-Hits: 766
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' *.surrey.ac.uk:* hello.myfonts.net *.cloudfront.net *.surrey.ac.uk www.googletagmanager.com *.sharethis.com *.raxcdn.com *.amazonaws.com www.google-analytics.com js.bizographics.com www.youtube.com stats.g.doubleclick.net s.ytimg.com *.linkedin.com storify.com www.google.com *.bizographics.com pbs.twimg.com www.google.co.uk www.qzzr.com surrey.funnelback.co.uk *.seatadvisor.com connect.facebook.net *.licdn.com ws.sessioncam.com *.googleapis.com widget.unistats.ac.uk *.gstatic.com *.facebook.com *.twitter.com *.twimg.com *.click4assistance.co.uk *.instagram.com www.googleadservices.com *.doubleclick.net *.blackbaudhosting.com; report-uri /admin/config/system/seckit/csp-report
X-Server-Name: web-20197.prod.hosting.acquia.com
X-Generator: Drupal 7 (http://drupal.org)
Date: Wed, 10 May 2017 04:46:40 GMT
Connection: keep-alive
HTTP/1.1 200 OK
X-Cache: HIT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff