Content-Security-Policy: default-src 'self' http://netdna.bootstrapcdn.com https://fonts.googleapis.com http://fonts.googleapis.com http://maxcdn.bootstrapcdn.com http://lightwidget.com/widgets/a0cf843484225382a60bf61038f92307.html http://lightwidget.com/widgets/lightwidget.js 'unsafe-inline' 'unsafe-eval' https://fonts.gstatic.com http://www.google-analytics.com http://cdn.jsdelivr.net https://themes.googleusercontent.com http://maps.googleapis.com http://csi.gstatic.com http://maps.gstatic.com http://fonts.gstatic.com http://maps.google.com http://maps.googleapis.com; report-uri /admin/config/system/seckit/csp-report
X-Generator: Drupal 7 (http://drupal.org)
Date: Tue, 14 Nov 2017 02:47:15 GMT
HTTP/1.1 200 OK
Content-Language: en
X-WebKit-CSP: default-src 'self' http://netdna.bootstrapcdn.com https://fonts.googleapis.com http://fonts.googleapis.com http://maxcdn.bootstrapcdn.com http://lightwidget.com/widgets/a0cf843484225382a60bf61038f92307.html http://lightwidget.com/widgets/lightwidget.js 'unsafe-inline' 'unsafe-eval' https://fonts.gstatic.com http://www.google-analytics.com http://cdn.jsdelivr.net https://themes.googleusercontent.com http://maps.googleapis.com http://csi.gstatic.com http://maps.gstatic.com http://fonts.gstatic.com http://maps.google.com http://maps.googleapis.com; report-uri /admin/config/system/seckit/csp-report
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-Content-Security-Policy: default-src 'self' http://netdna.bootstrapcdn.com https://fonts.googleapis.com http://fonts.googleapis.com http://maxcdn.bootstrapcdn.com http://lightwidget.com/widgets/a0cf843484225382a60bf61038f92307.html http://lightwidget.com/widgets/lightwidget.js 'unsafe-inline' 'unsafe-eval' https://fonts.gstatic.com http://www.google-analytics.com http://cdn.jsdelivr.net https://themes.googleusercontent.com http://maps.googleapis.com http://csi.gstatic.com http://maps.gstatic.com http://fonts.gstatic.com http://maps.google.com http://maps.googleapis.com; report-uri /admin/config/system/seckit/csp-report
X-Frame-Options: SameOrigin
Content-Type: text/html; charset=utf-8
X-Content-Type-Options: nosniff
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Vary: Accept-Encoding
Server: Apache/2.2.22 (Debian)
X-Powered-By: PHP/5.4.45-0+deb7u5
X-XSS-Protection: 1; mode=block
Link: <http://www.espacesleon.fr/>; rel="canonical",<http://www.espacesleon.fr/>; rel="shortlink"
Transfer-Encoding: chunked