X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/7.0.27-1~dotdeb+8.1
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: on
Content-Security-Policy: script-src spotlight.africa cdn.onesignal.com onesignal.com widget.sndcdn.com *.sndcdn.com *.scorecardresearch.com *.sj.org.za sj.org.za cdn.syndication.twimg.com *.twitter.com platform.twitter.com cdn.ywxi.net *.pinterest.com *.soundcloud.com *.facebook.net *.wp.com *.googleapis.com *.google-analytics.com *.gstatic.com *.googlesyndication.com *.doubleclick.net *.facebook.com *.cloudflare.com widgets.getpocket.com apis.google.com platform.tumblr.com secure.gravatar.com www.google.com platform.linkedin.com/in.js 'Unsafe-inline' 'Unsafe-eval';; media-src *.soundcloud.com widget.sndcdn.com; report-uri https://spotlightafrica.report-uri.io/r/default/csp/enforce
Link: <https://spotlight.africa/wp-json/>; rel="https://api.w.org/", <https://wp.me/9jNj1>; rel=shortlink
Date: Wed, 21 Feb 2018 16:46:25 GMT
Set-Cookie: PHPSESSID=98q46qri2114joim2014smpno5; path=/
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
HTTP/1.1 200 OK
Expires: Thu, 19 Nov 1981 08:52:00 GMT
X-Content-Type-Options: nosniff
X-Download-Options: noopen
Transfer-Encoding: chunked
Pragma: no-cache
Cache-Control: public
Accept-Ranges: none
Server: Apache
Strict-Transport-Security: max-age=63072000; preload
Vary: Accept-Encoding