Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Security-Policy-Report-Only: default-src * data: blob:; object-src 'self' https://d1ztvzf22lmr1j.cloudfront.net; connect-src 'self' wss://ws-lb.crowdin.com ws://ws-lb.crowdin.com www.google-analytics.com *.googleapis.com crowdin.com graph.facebook.com www.facebook.com/tr/ *.crowdin.com *.crowdin.net crowdin.polldaddy.com; script-src 'self' data: blob: 'unsafe-eval' 'unsafe-inline' www.google-analytics.com *.googleadservices.com *.googleapis.com connect.facebook.net a.quora.com q.quora.com polldaddy.com/survey.js i0.poll.fm/survey.js *.linkedin.com crowdin.com *.crowdin.com *.crowdin.net https://d1ztvzf22lmr1j.cloudfront.net; style-src 'self' 'unsafe-inline' crowdin.com *.crowdin.com fonts.googleapis.com https://d1ztvzf22lmr1j.cloudfront.net; report-uri /csp;
Content-Type: text/html; charset=UTF-8
Date: Thu, 05 Oct 2017 10:19:52 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
Server: nginx
Set-Cookie: cid=fmfgdrg0hlc1k66uenhpvgm574; expires=Sat, 04-Nov-2017 10:19:52 GMT; Max-Age=2592000; path=/; HttpOnly
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Xss-Protection: 1; mode=block