Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Security-Policy-Report-Only: default-src 'self' https:; connect-src 'self' https: wss:; font-src 'self' https: data:; frame-src 'self' https: data:; img-src 'self' https: data:; media-src 'self' https: data:; object-src 'self' https:; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp-report/48d1dccb-0754-452d-88e6-95530473b160?source%5Baction%5D=index&source%5Bcontroller%5D=welcome&source%5Bsection%5D=ecommerce;
Content-Type: text/html; charset=utf-8
Date: Thu, 05 Oct 2017 10:30:29 GMT
Etag: W/"223f4e7f8473fd4024d29b55e096b134"
Server: Cowboy
Set-Cookie: _opinion_session=3433d79cce53467afd8edb282e07cfa3; path=/; expires=Sat, 07 Oct 2017 10:30:30 -0000; secure; HttpOnly
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 48d1dccb-0754-452d-88e6-95530473b160
X-Runtime: 0.047905
X-Xss-Protection: 1; mode=block; report=/xss-report/48d1dccb-0754-452d-88e6-95530473b160?source%5Baction%5D=index&source%5Bcontroller%5D=welcome&source%5Bsection%5D=ecommerce