Content-Type | text/html; charset=utf-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Status | 200 OK |
X-Marketing-Version | 735b78cb2830879b5b72b543bfe524f524e7cf37 |
Vary | Accept-Encoding |
Content-Encoding | gzip |
Strict-Transport-Security | max-age=31557600; includeSubDomains; preload |
ETag | W/"4533ce7935ca55367847384657a97691" |
Cache-Control | max-age=0, private, must-revalidate |
X-Request-Id | b1gr7s470duajt8g1tcg |
X-Runtime | 0.272439 |
Content-Security-Policy | default-src 'self'; child-src 'self' share.intercom.io fast.wistia.com fast.wistia.net googleads.g.doubleclick.net bid.g.doubleclick.net youtube.com www.youtube.com js.stripe.com staticxx.facebook.com *.soundcloud.com ti.to *.tito.io *.cdn.optimizely.com www.google.com www.intercom-product-store.com ethn.io *.quora.com; connect-src 'self' app.intercom.io app.intercom.com api.intercom.io api-iam.intercom.io api-ping.intercom.io js.intercomcdn.com nexus-websocket-a.intercom.io nexus-websocket-b.intercom.io nexus-long-poller-a.intercom.io nexus-long-poller-b.intercom.io store.intercomassets.com wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com app.getsentry.com sentry.io hn.inspectlet.com wss://inspectletws.herokuapp.com wss://ws.inspectlet.com *.akamaihd.net *.optimizely.com *.wistia.com *.wistia.net heapanalytics.com *.quora.com *.fullstory.com fullstory.com *.soundcloud.com *.sndcdn.com; font-src data: https:; img-src data: blob: https:; media-src data: blob: https:; object-src 'none'; script-src 'self' app.intercom.io app.intercom.com js.intercomcdn.com store.intercomassets.com marketing.intercomassets.com widget.intercom.io ajax.googleapis.com analytics.twitter.com cdn.inspectlet.com cdn.optimizely.com connect.facebook.net distillery.wistia.com distillery-main.wistia.com fast.wistia.com fast.wistia.net js.stripe.com platform.twitter.com secure.adnxs.com store.intercom.io ti.to www.google.com www.google-analytics.com www.googleadservices.com www.googletagmanager.com googleads.g.doubleclick.net *.tito.io bat.bing.com cdn.ravenjs.com ga.clearbit.com cdn.heapanalytics.com heapanalytics.com snap.licdn.com *.linkedin.com www.bizographics.com ethn.io *.quora.com fullstory.com *.soundcloud.com *.sndcdn.com 'nonce-vx2j3sbVFvAL31Bp+UFffD999FDkqJfJzNf9hj/U7k8='; style-src 'self' 'unsafe-inline' *.tito.io marketing.intercomassets.com heapanalytics.com maxcdn.bootstrapcdn.com; report-uri https://app.getsentry.com/api/66939/csp-report/?sentry_key=29b5f5eec8a84e438912a540b105240d |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-XSS-Protection | 1; mode=block |
Server | nginx |