Cache-Control | no-cache, no-store, must-revalidate |
Pragma | no-cache |
Content-Type | text/html; charset=utf-8 |
Expires | -1 |
Server | Healthx/18JAN-7 4 |
X-LogID | a6ee49d0-c134-4e01-9efb-77f0d951ecf3 |
Content-Security-Policy-Report-Only | default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: about:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com www.google-analytics.com maps.googleapis.com https://ssl.google-analytics.com translate.googleapis.com translate.google.com code.jquery.com use.typekit.com www.googletagmanager.com use.typekit.net https://careconnect.widget.custhelp.com https://www.rnengage.com https://careconnect.custhelp.com https://s3.eu-central-1.amazonaws.com https://healthxpomco.mpeasylink.com; connect-src 'self' maps.googleapis.com fonts.googleapis.com hxdeploy01.healthx.com translate.googleapis.com ajax.googleapis.com www.google-analytics.com https://ssl.google-analytics.com performance.typekit.net https://nikkomsgchannel https://healthfirst-preprod-iac.pegacloud.com https://extsgo.com https://msg.altruistictask.com https://healthfirst-qa-iac.pegacloud.com; media-src 'none'; object-src 'self'; plugin-types application/pdf; referrer origin; reflected-xss filter; report-uri https://healthx.report-uri.io/r/default/csp/reportOnly; |
X-XSS-Protection | 1; mode=block |
Vary | Accept-Encoding, User-Agent |
Content-Encoding | gzip |
Connection | Keep-Alive |