HTTP/1.1 200 OKContent-Security-Policy: default-src 'self' https://www.google.com/analytics https://cdn.mxpnl.com https://fonts.googleapis.com https://fonts.gstatic.com https://www.google.com http://www.google-analytics.com data:; script-src 'self' 'unsafe-inline' https://www.google.com/analytics https://cdn.mxpnl.com 'unsafe-eval' https://fonts.googleapis.com https://fonts.gstatic.com https://www.google.com http://www.google-analytics.com data:; connect-src * 'self' https://www.google.com/analytics https://cdn.mxpnl.com https://fonts.googleapis.com https://fonts.gstatic.com https://www.google.com http://www.google-analytics.com data:; img-src data: 'self' https://www.google.com/analytics https://cdn.mxpnl.com https://shapeshift.io https://fonts.googleapis.com https://fonts.gstatic.com https://www.google.com http://www.google-analytics.com https://s3.amazonaws.com https://pbs.twimg.com; style-src 'self' 'unsafe-inline' https://www.google.com/analytics https://cdn.mxpnl.com https://fonts.googleapis.com https://fonts.gstatic.com https://www.google.com http://www.google-analytics.com data:;Content-Type: text/html; charset=utf-8Date: Sun, 23 Sep 2018 04:29:39 GMTSet-Cookie: galaxy-sticky=TjsZZz5cBji6nHNJZ-3zv9y; Path=/; HttpOnlyVary: Accept-EncodingX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGIN