Content-Language: en-US
Via: 1.1 varnish-v4, 1.1 dd2e87141f0c93647821ace3080db8c7.cloudfront.net (CloudFront)
Connection: keep-alive
X-Varnish-Cache: HIT
X-Amz-Cf-Id: x21ey6DXZZRAYhqLztkkIQyareu_tjPw09WZniF71FZnf5vFOq7OxQ==
Date: Fri, 03 Nov 2017 15:12:28 GMT
Vary: Accept-Encoding,Accept-Language,Cookie
X-Frame-Options:
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Age: 839
X-Cache: Miss from cloudfront
Accept-Ranges: bytes
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
X-XSS-Protection: 1; mode=block
X-Varnish: 74035493 73805450
Server: nginx/1.11.5
X-Content-Type-Options: nosniff
Cache-Control: public, max-age=14400, s-maxage=7200
X-Varnish-Node: fe-i-0dd9510b0766bf22e
Content-Security-Policy: default-src 'self' https:; script-src 'self' https: 'unsafe-inline' https://vaas.acapela-group.com 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; img-src 'self' https: data: blob:; font-src 'self' https: data:; connect-src 'self' https: https://api.pusherapp.com wss://ws.pusherapp.com wss://*.firebaseio.com http://localhost:8080; media-src 'self' https: http://vaas.acapela-group.com; report-uri //code.org/https/mixed-content; frame-ancestors 'self' http://*.disney.com http://*.diznee.net code.org studio.code.org