Cache-Control | no-cache, no-store, must-revalidate |
Pragma | no-cache |
Content-Type | text/html; charset=utf-8 |
Expires | -1 |
Server | Healthx/18FEB-9 2 |
X-LogID | bd5589a8-8291-4697-93c2-4b95d48f8c1e |
Content-Security-Policy-Report-Only | default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: about:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com www.google-analytics.com maps.googleapis.com https://ssl.google-analytics.com translate.googleapis.com translate.google.com code.jquery.com use.typekit.com www.googletagmanager.com use.typekit.net https://careconnect.widget.custhelp.com https://www.rnengage.com https://careconnect.custhelp.com https://s3.eu-central-1.amazonaws.com https://healthxpomco.mpeasylink.com; connect-src 'self' maps.googleapis.com fonts.googleapis.com hxdeploy01.healthx.com translate.googleapis.com ajax.googleapis.com www.google-analytics.com https://ssl.google-analytics.com performance.typekit.net https://nikkomsgchannel https://healthfirst-preprod-iac.pegacloud.com https://extsgo.com https://msg.altruistictask.com https://healthfirst-qa-iac.pegacloud.com; media-src 'none'; object-src 'self'; plugin-types application/pdf; referrer origin; reflected-xss filter; report-uri https://healthx.report-uri.io/r/default/csp/reportOnly; |
X-XSS-Protection | 1; mode=block |
Vary | Accept-Encoding, User-Agent |
Content-Encoding | gzip |
Connection | Keep-Alive |