Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0 Connection: Keep-Alive Content-Language: en Content-Security-Policy: default-src 'self'; script-src 'self' https://ssl.google-analytics.com/ga.js https://www.gstatic.com https://www.google.com/recaptcha/api.js 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://ssl.google-analytics.com/ga.js https://www.gstatic.com https://www.google.com/recaptcha/api.js 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://www.google.com https://ssl.google-analytics.com 'unsafe-inline' 'unsafe-eval'; frame-src 'self' http://www.google.com 'unsafe-inline' 'unsafe-eval'; report-uri /admin/config/system/seckit/csp-report Content-Type: text/html; charset=utf-8 Date: Fri, 06 Oct 2017 06:21:59 GMT Expires: Sun, 19 Nov 1978 05:00:00 GMT Keep-Alive: timeout=5, max=100 Link: ; rel="shortlink",; rel="canonical" Server: Apache Strict-Transport-Security: max-age=1000 Transfer-Encoding: chunked X-Content-Security-Policy: default-src 'self'; script-src 'self' https://ssl.google-analytics.com/ga.js https://www.gstatic.com https://www.google.com/recaptcha/api.js 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://ssl.google-analytics.com/ga.js https://www.gstatic.com https://www.google.com/recaptcha/api.js 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://www.google.com https://ssl.google-analytics.com 'unsafe-inline' 'unsafe-eval'; frame-src 'self' http://www.google.com 'unsafe-inline' 'unsafe-eval'; report-uri /admin/config/system/seckit/csp-report X-Content-Type-Options: nosniff X-Frame-Options: SameOrigin X-Generator: Drupal 7 (http://drupal.org) X-Webkit-Csp: default-src 'self'; script-src 'self' https://ssl.google-analytics.com/ga.js https://www.gstatic.com https://www.google.com/recaptcha/api.js 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://ssl.google-analytics.com/ga.js https://www.gstatic.com https://www.google.com/recaptcha/api.js 'unsafe-inline' 'unsafe-eval'; img-src 'self' http://www.google.com https://ssl.google-analytics.com 'unsafe-inline' 'unsafe-eval'; frame-src 'self' http://www.google.com 'unsafe-inline' 'unsafe-eval'; report-uri /admin/config/system/seckit/csp-report