Cache-Control | max-age=0, private, must-revalidate |
Content-Encoding | gzip |
Content-Security-Policy-Report-Only | default-src 'none'; child-src 'self' https: *.google.com *.zendesk.com fast.wistia.net fast.wistia.com; connect-src 'self' https: bam.nr-data.net *.intercomassets.com *.intercomcdn.com wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io nexus-websocket-a.intercom.io nexus-websocket-b.intercom.io api-ping.intercom.io; font-src 'self' data: https: d1gitapo7kqwhi.cloudfront.net maxcdn.bootstrapcdn.com *.googleusercontent.com fonts.typekit.net; img-src 'self' https: data: notify.bugsnag.com d1gitapo7kqwhi.cloudfront.net tmp-uploads-production.s3.amazonaws.com ssl.google-analytics.com www.google-analytics.com *.google.com *.gstatic.com *.googleapis.com *.intercomassets.com *.intercomcdn.com *.intercom.io bam.nr-data.net p.typekit.net *.zendesk.com; media-src 'self' *.intercomassets.com *.intercomcdn.com *.intercom.io; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com d1gitapo7kqwhi.cloudfront.net ssl.google-analytics.com www.google-analytics.com *.google.com *.gstatic.com *.intercomassets.com *.intercomcdn.com *.intercom.io fast.wistia.net fast.wistia.com *.newrelic.com bam.nr-data.net www.locomoteobe.com use.typekit.net; style-src 'self' 'unsafe-inline' d1gitapo7kqwhi.cloudfront.net maxcdn.bootstrapcdn.com ssl.google-analytics.com www.google-analytics.com *.google.com *.gstatic.com *.googleapis.com use.typekit.net; report-uri /content_security_policy/forward_report |
Content-Type | text/html; charset=utf-8 |
ETag | W/"d32780c64a57b940265477b59f314a0d" |
Server | nginx |
Status | 200 OK |
Strict-Transport-Security | max-age=631138519, max-age=31536000; includeSubdomains; |
X-Content-Type-Options | nosniff |
X-Download-Options | noopen |
X-Frame-Options | SAMEORIGIN |
X-Permitted-Cross-Domain-Policies | none |
X-Request-Id | f629843e-45ed-4db1-a3f4-02ca5c338d9a |
X-Runtime | 0.033350 |
X-XSS-Protection | 1; mode=block |
Connection | keep-alive |