HTTP/1.1 200 OKContent-Encoding: gzipContent-Security-Policy-Report-Only: connect-src *;frame-src *;img-src https: data: blob: about: safari-extension: safari-resource: chrome-extension: http://*.rackcdn.com http://*.tumblr.com http://huaban.com;worker-src blob:;script-src https: 'unsafe-eval' 'unsafe-inline'; report-uri /log/cspContent-Type: text/html; charset=UTF-8Server: nginxStrict-Transport-Security: max-age=31536000X-Content-Security-Policy-Report-Only: connect-src *;frame-src *;img-src https: data: blob: about: safari-extension: safari-resource: chrome-extension: http://*.rackcdn.com http://*.tumblr.com http://huaban.com;worker-src blob:;script-src https: 'unsafe-eval' 'unsafe-inline'; report-uri /log/cspX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINX-Trace-Id: Iw8XjjYobMIiHh8Eu0AMyqd6wq8X-XSS-Protection: 1; mode=blockAccept-Ranges: bytesVia: 1.1 varnishAccept-Ranges: bytesDate: Sun, 29 Apr 2018 06:00:02 GMTVia: 1.1 varnishConnection: keep-aliveX-Served-By: cache-iad2137-IAD, cache-hhn1520-HHNX-Cache: MISS, MISSX-Cache-Hits: 0, 0X-Timer: S1524981602.023951,VS0,VE113Vary: Accept-Encoding