Content-Type | text/html; charset=utf-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Status | 200 OK |
X-Marketing-Version | 9f664502055c134726842f440c26cd11f896eb44 |
Vary | Accept-Encoding |
Content-Encoding | gzip |
Strict-Transport-Security | max-age=31557600; includeSubDomains; preload |
ETag | W/"9b053de10678452001f290a63679d75f" |
Cache-Control | max-age=0, private, must-revalidate |
X-Request-Id | aon9npm39mmrn3vmrcfg |
X-Runtime | 0.034975 |
Content-Security-Policy | default-src 'self'; connect-src 'self' app.intercom.io app.intercom.com api.intercom.io api-iam.intercom.io api-ping.intercom.io js.intercomcdn.com nexus-websocket-a.intercom.io nexus-websocket-b.intercom.io nexus-long-poller-a.intercom.io nexus-long-poller-b.intercom.io store.intercomassets.com wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com app.getsentry.com hn.inspectlet.com wss://inspectletws.herokuapp.com wss://ws.inspectlet.com *.akamaihd.net *.log.optimizely.com *.wistia.com *.wistia.net; font-src data: https:; frame-src 'self' share.intercom.io fast.wistia.com fast.wistia.net googleads.g.doubleclick.net bid.g.doubleclick.net youtube.com www.youtube.com js.stripe.com staticxx.facebook.com w.soundcloud.com ti.to *.tito.io www.google.com www.google.ca; img-src data: blob: https:; media-src data: blob: https:; script-src 'self' app.intercom.io js.intercomcdn.com store.intercomassets.com marketing.intercomassets.com widget.intercom.io ajax.googleapis.com analytics.twitter.com cdn.inspectlet.com cdn.optimizely.com connect.facebook.net distillery.wistia.com distillery-main.wistia.com fast.wistia.com fast.wistia.net js.stripe.com platform.twitter.com secure.adnxs.com store.intercom.io ti.to www.google.com www.google-analytics.com www.googleadservices.com *.tito.io gtm.intercom.com gtm.intercomassets.com bat.bing.com 'nonce-eocuZreew8j8uESWhqctA3DcnASKaIgmaMJtjtPs/1Q='; style-src 'self' 'unsafe-inline' *.tito.io marketing.intercomassets.com; report-uri https://app.getsentry.com/api/66939/csp-report/?sentry_key=29b5f5eec8a84e438912a540b105240d |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-XSS-Protection | 1; mode=block |
Server | nginx |