HTTP/1.1 200 OKX-Frame-Options: SAMEORIGINX-DNS-Prefetch-Control: offX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockAccess-Control-Allow-Origin: *X-Powered-By: ExpressContent-Security-Policy-Report-Only: default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src data: https: http://helios.bt.no http://helios.fvn.no http://helios.aftenbladet.no http://helios.adressa.no; report-uri https://collector.schibsted.io/api/v1/csp/finn/platform-web/proCache-Control: private, max-age=60content-type: text/html; charset=utf-8Vary: Accept-EncodingDate: Tue, 02 Oct 2018 06:13:01 GMTSet-Cookie: USERID=15384571818640709; Max-Age=7776000; Domain=finn.no; Path=/; Secure; HttpOnlyStrict-Transport-Security: max-age=15552000