HTTP/1.1 200 OKCache-Control: no-cache, no-store, must-revalidateContent-Security-Policy-Report-Only: default-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://localhost:8001 http://localhost:8001 https://*.youtube.com https://cdn.jsdelivr.net https://*.google-analytics.com https://*.googleapis.com https://www.googletagmanager.com https://*.newrelic.com http://*.sumome.com/ sumo.b-cdn.net https://secure-ds.serving-sys.com https://bam.nr-data.net https://cdnjs.cloudflare.com https://code.jquery.com; style-src 'self' 'unsafe-inline' sumo.b-cdn.net https://cdn.jsdelivr.net https://use.fontawesome.com fonts.googleapis.com https://cdnjs.cloudflare.com; img-src * data:; report-uri https://cd36466f21f5db895967ac9cb87c0cb5.report-uri.com/r/d/csp/reportOnlyContent-Type: text/html; charset=utf-8Date: Sun, 10 May 2020 20:11:21 GMTLast-Modified: Sun, 10 May 2020 16:32:02 GMTServer: ApacheStrict-Transport-Security: max-age=86400; includeSubDomainsVary: X-Forwarded-ProtocolX-Content-Type-Options: nosniffX-Xss-Protection: 1