Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://www.google-analytics.com/ http://ajax.googleapis.com/ https://platform.twitter.com/ http://platform.twitter.com/ https://syndication.twitter.com/timeline/ http://platform.linkedin.com/ https://ajax.googleapis.com/ajax/libs/angularjs/1.2.25/angular.min.js https://cdn.syndication.twimg.com/timeline/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/ http://platform.twitter.com/css/; img-src 'self' http://www.google-analytics.com/ data: https://syndication.twitter.com/ https://pbs.twimg.com/ https://o.twimg.com https://ton.twimg.com/ http://platform.twitter.com/css/; frame-src https://www.youtube.com http://platform.linkedin.com/; font-src 'self' https://maxcdn.bootstrapcdn.com/; object-src
Content-Type: text/html; charset=utf-8
Surrogate-Control: no-store
Expires: -1
X-Frame-Options: SAMEORIGIN
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=7776000
Set-Cookie: connect.sid=s%3A4tfquINBoYSTIvG6HoSm5wMq.7VHz8xbsgRIVmbJoQRHSYwlpeyhagRP0%2FXAzU0PIYOM; Path=/; Expires=Sat, 16 Dec 2017 09:49:41 GMT; HttpOnly
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://www.google-analytics.com/ http://ajax.googleapis.com/ https://platform.twitter.com/ http://platform.twitter.com/ https://syndication.twitter.com/timeline/ http://platform.linkedin.com/ https://ajax.googleapis.com/ajax/libs/angularjs/1.2.25/angular.min.js https://cdn.syndication.twimg.com/timeline/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/ http://platform.twitter.com/css/; img-src 'self' http://www.google-analytics.com/ data: https://syndication.twitter.com/ https://pbs.twimg.com/ https://o.twimg.com https://ton.twimg.com/ http://platform.twitter.com/css/; frame-src https://www.youtube.com http://platform.linkedin.com/; font-src 'self' https://maxcdn.bootstrapcdn.com/; object-src
Strict-Transport-Security: max-age=15768000
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://www.google-analytics.com/ http://ajax.googleapis.com/ https://platform.twitter.com/ http://platform.twitter.com/ https://syndication.twitter.com/timeline/ http://platform.linkedin.com/ https://ajax.googleapis.com/ajax/libs/angularjs/1.2.25/angular.min.js https://cdn.syndication.twimg.com/timeline/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/ http://platform.twitter.com/css/; img-src 'self' http://www.google-analytics.com/ data: https://syndication.twitter.com/ https://pbs.twimg.com/ https://o.twimg.com https://ton.twimg.com/ http://platform.twitter.com/css/; frame-src https://www.youtube.com http://platform.linkedin.com/; font-src 'self' https://maxcdn.bootstrapcdn.com/; object-src
Cache-Control: private, no-cache, no-store, must-revalidate
Connection: keep-alive
Server: nginx
Pragma: no-cache
X-Content-Type-Options: nosniff
ETag: W/"2f86-J88o1PNakbMzHhN/+/gJrw"
X-DNS-Prefetch-Control: off
Content-Length: 12166
Date: Sat, 16 Dec 2017 01:49:41 GMT
X-Download-Options: noopen
X-Powered-By: PHP 4.2.0
X-XSS-Protection: 1; mode=block