Content-Security-Policy: script-src holy.trinity.joburg api.instagram.com onesignal.com cdn.onesignal.com cdn.datatables.net cdn.syndication.twimg.com platform.twitter.com cdn.ywxi.net api.reftagger.com *.pinterest.com *.facebook.net *.wp.com *.googleapis.com disqus.com *.disqus.com *.disquscdn.com *.google-analytics.com *.gstatic.com *.googlesyndication.com *.doubleclick.net *.facebook.com *.cloudflare.com reftaggercdn.global.ssl.fastly.net widgets.getpocket.com apis.google.com platform.tumblr.com secure.gravatar.com s1.wp.com www.google.com platform.linkedin.com/in.js www.mcafeesecure.com 'Unsafe-inline' 'Unsafe-eval';; HTTP/1.1 200 OK Set-Cookie: PHPSESSID=28r3ekkc0jmakg88surfg2m3j1; path=/ X-Content-Type-Options: nosniff Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Expect-CT: enforce; max-age=86400; Server: Apache Vary: Accept-Encoding Link: <https://holy.trinity.joburg/wp-json/>; rel="https://api.w.org/", <https://holy.trinity.joburg/>; rel=shortlink Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Transfer-Encoding: chunked X-TEC-API-ROOT: https://holy.trinity.joburg/wp-json/tribe/events/v1/ X-TEC-API-ORIGIN: https://holy.trinity.joburg X-XSS-Protection: 1; mode=block Pragma: no-cache X-Frame-Options: DENY X-TEC-API-VERSION: v1 Date: Sat, 03 Feb 2018 23:17:32 GMT Referrer-Policy: no-referrer Strict-Transport-Security: max-age=63072000; includeSubDomains; preload