Accept-Ranges: bytes
Cache-Control: public, max-age=0
Content-Length: 2804
Content-Security-Policy: default-src 'none'; script-src 'self' www.google-analytics.com maps.googleapis.com www.google.com www.gstatic.com; connect-src 'self' www.snapchat.com; img-src 'self' www.google-analytics.com data: www.snapchat.com csi.gstatic.com maps.gstatic.com maps.googleapis.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' data: fonts.gstatic.com; frame-src www.google.com www.youtube.com; report-uri https://csp-central.appspot.com/report_csp
Content-Type: text/html; charset=UTF-8
Date: Thu, 05 Oct 2017 10:56:03 GMT
Etag: W/"af4-15eea0206f8"
Last-Modified: Thu, 05 Oct 2017 00:49:15 GMT
Server: nginx
Status: 200
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Vary: Accept-Encoding
Via: 1.1 google
X-Frame-Options: DENY
X-Powered-By: Express
X-Xss-Protection: 1; mode=block