| Cache-Control | no-cache, no-store, must-revalidate |
| Pragma | no-cache |
| Content-Type | text/html; charset=utf-8 |
| Expires | -1 |
| Server | Healthx/18FEB-9 2 |
| X-LogID | bd5589a8-8291-4697-93c2-4b95d48f8c1e |
| Content-Security-Policy-Report-Only | default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: about:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com www.google-analytics.com maps.googleapis.com https://ssl.google-analytics.com translate.googleapis.com translate.google.com code.jquery.com use.typekit.com www.googletagmanager.com use.typekit.net https://careconnect.widget.custhelp.com https://www.rnengage.com https://careconnect.custhelp.com https://s3.eu-central-1.amazonaws.com https://healthxpomco.mpeasylink.com; connect-src 'self' maps.googleapis.com fonts.googleapis.com hxdeploy01.healthx.com translate.googleapis.com ajax.googleapis.com www.google-analytics.com https://ssl.google-analytics.com performance.typekit.net https://nikkomsgchannel https://healthfirst-preprod-iac.pegacloud.com https://extsgo.com https://msg.altruistictask.com https://healthfirst-qa-iac.pegacloud.com; media-src 'none'; object-src 'self'; plugin-types application/pdf; referrer origin; reflected-xss filter; report-uri https://healthx.report-uri.io/r/default/csp/reportOnly; |
| X-XSS-Protection | 1; mode=block |
| Vary | Accept-Encoding, User-Agent |
| Content-Encoding | gzip |
| Connection | Keep-Alive |