HTTP/1.1 200 OK
Cache-Control: max-age=0, private, must-revalidate
Content-Security-Policy: default-src 'self' blob: www.nood.tv; base-uri 'self' ci-store-sticker.s3.amazonaws.com ci-store-avatar.s3.amazonaws.com ci-store-photo.s3.amazonaws.com; block-all-mixed-content; connect-src 'self' wss://*.ably.io wss://*.ably-realtime.com *.ably-realtime.com *.ably.io www.nood.tv vod.nood.tv vod-hls.nood.tv live-hls.nood.tv ci-store-movie.s3.amazonaws.com ci-store-sticker.s3.amazonaws.com ci-store-avatar.s3.amazonaws.com ci-store-photo.s3.amazonaws.com; font-src 'self' data:; form-action 'self' secure.verotel.com; frame-ancestors 'none'; img-src 'self' blob: data: assets.nood.tv twemoji.maxcdn.com twitter.github.io; media-src 'self' blob: *.nood.tv; object-src 'self'; plugin-types application/x-shockwave-flash; script-src 'self' blob: 'unsafe-eval' assets.nood.tv *.ably-realtime.com *.ably.io; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; report-uri https://nood.report-uri.com/r/d/csp/enforce
Content-Type: text/html; charset=utf-8
Date: Mon, 19 Aug 2019 09:53:53 GMT
Etag: W/"0a51903ed979d1bcc255b498cb30533f"
Expect-CT: enforce, max-age=2592000, report-uri="https://nood.report-uri.com/r/d/ct/enforce"
Referrer-Policy: strict-origin-when-cross-origin
Server: ECS (dab/4B86)
Set-Cookie: _nood_session=c8083bb84313b1fe5767a44ac765b601; path=/; expires=Mon, 26 Aug 2019 09:53:53 -0000; secure; HttpOnly; SameSite=Lax
Strict-Transport-Security: max-age=2592000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 67985b3f-6b6e-4c17-9a0c-f5f5315ec74b
X-Runtime: 0.009834
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked