HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Fri, 04 May 2018 16:09:29 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 3292
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE
Access-Control-Allow-Headers: X-Requested-With,content-type, Authorization,x-access-token,Accept,Origin
Cache-Control: no-cache="Set-Cookie, Set-Cookie2"
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' www.google-analytics.com/ apis.google.com/ www.google-analytics.com ajax.googleapis.com maps.googleapis.com/ embed.js/ demo-nodebeats-com.disqus.com/ a.disquscdn.com/; style-src 'self' 'unsafe-inline' fonts.googleapis.com/ a.disquscdn.com/; img-src 'self' data: stats.g.doubleclick.net/ www.google-analytics.com/ res.cloudinary.com/ csi.gstatic.com/ maps.gstatic.com/ maps.googleapis.com/ referrer.disqus.com/ a.disquscdn.com/; font-src 'self' data: fonts.gstatic.com/ fonts.googleapis.com/; media-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-scripts allow-same-origin allow-popups allow-forms; frame-src 'self' accounts.google.com/ content.googleapis.com/ disqus.com/; connect-src 'self' content.googleapis.com/ links.services.disqus.com/; report-uri /report-violation
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Last-Modified: Fri, 13 Apr 2018 12:06:30 GMT
ETag: W/"cdc-162bee659c5"
set-cookie: id=s%3AXg2EarnQisaHQK4IuTY-sx0Ud8F3s3aj.i9cfm6e%2Bu4kFuK7ytyIlOCoBLVZ633Bcq%2FAvP%2FYmDEI; Path=/; HttpOnly
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: DENY
X-Content-Type-Options: nosniff