| Content-Type | text/html; charset=utf-8 |
| Transfer-Encoding | chunked |
| Connection | keep-alive |
| Status | 200 OK |
| Cache-Control | max-age=0, private, must-revalidate |
| Vary | Origin |
| Strict-Transport-Security | max-age=0; includeSubDomains; preload |
| Referrer-Policy | strict-origin-when-cross-origin |
| X-Permitted-Cross-Domain-Policies | none |
| X-XSS-Protection | 1; mode=block |
| X-Request-Id | 1a20a7b6-163f-495d-beaf-d7db0a8b541a |
| X-Download-Options | noopen |
| X-Runtime | 0.545309 |
| X-Frame-Options | DENY |
| X-Content-Type-Options | nosniff |
| Content-Security-Policy | default-src https: 'self'; base-uri 'self'; block-all-mixed-content; child-src 'self'; connect-src 'self' wss: onesignal.com; font-src 'self' data: fonts.gstatic.com; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: *.gravatar.com *.google.com; media-src 'self'; object-src 'self'; plugin-types application/x-shockwave-flash; script-src 'self' 'unsafe-inline' cdn.onesignal.com onesignal.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com onesignal.com; upgrade-insecure-requests |
| Server | cloudflare-nginx |
| CF-RAY | 3a9015de7d723fd1-YUL |
| Content-Encoding | gzip |