Cache-Control: max-age=2592000
Connection: Upgrade
Strict-Transport-Security: max-age=10886400
Transfer-Encoding: chunked
Server: Apache/2.4
X-Webkit-CSP: default-src 'self' 'unsafe-inline' http: https: data: *.googleapis.com *.gstatic.com *.google.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.gravatar.com *.facebook.com *.twitter.com *.youtube.com *.w.org *.wordpress.org *.jsdelivr.net *.api.mailchimp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.googleapis.com *.jsdelivr.net; report-uri https://www.digital-liberal.ch/cspsettings/;
Upgrade: h2,h2c
Vary: Cookie,Accept-Encoding
Date: Thu, 05 Oct 2017 06:45:47 GMT
HTTP/1.1 200 OK
Content-Security-Policy: default-src 'self' 'unsafe-inline' http: https: data: *.googleapis.com *.gstatic.com *.google.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.gravatar.com *.facebook.com *.twitter.com *.youtube.com *.w.org *.wordpress.org *.jsdelivr.net *.api.mailchimp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.google.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.jsdelivr.net; report-uri https://www.digital-liberal.ch/cspsettings/;
X-Content-Type-Options: nosniff
Expires: Sat, 04 Nov 2017 06:45:47 GMT
Content-Type: text/html; charset="UTF-8"
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block