Transfer-Encoding: chunked
HTTP/1.1 200 OK
Cache-Control: max-age=0, private, must-revalidate
X-Runtime: 0.150376
Strict-Transport-Security: max-age=15552000; includeSubdomains
Content-Type: text/html; charset=utf-8
Date: Fri, 20 Oct 2017 08:40:48 GMT
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Set-Cookie: _session_id=4982c1d8e21f702e80ab76f5b7d3e026; path=/; expires=Fri, 20 Oct 2017 14:40:48 -0000; HttpOnly; secure
Content-Security-Policy-Report-Only: default-src 'self'; base-uri 'self'; block-all-mixed-content; child-src 'self' *.embedly.com *.embed.ly *.google.com *.google.ca *.gstatic.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.googlesyndication.com *.doubleclick.net *.hotjar.com *.livechatinc.com api.learnerverified.com app.learnerverified.com *.stripe.com *.twitter.com *.twimg.com *.walkme.com *.getjaco.com; connect-src wss: 'self' files.rapidlms.com *.newrelic.com *.nr-data.net *.google.com *.google.ca *.gstatic.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.googlesyndication.com *.doubleclick.net *.hotjar.com *.stripe.com *.walkme.com *.getjaco.com; font-src https: data:; img-src 'self' data: d5vbshbduovn.cloudfront.net d16aqe2hb8mnsq.cloudfront.net *.google.com *.google.ca *.gstatic.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.googlesyndication.com *.doubleclick.net *.hotjar.com *.livechatinc.com *.stripe.com www.gravatar.com *.embedly.com *.embed.ly *.twitter.com *.twimg.com; media-src d5vbshbduovn.cloudfront.net d16aqe2hb8mnsq.cloudfront.net; object-src 'self' d16aqe2hb8mnsq.cloudfront.net; script-src 'self' 'unsafe-inline' d5vbshbduovn.cloudfront.net use.fontawesome.com *.google.com *.google.ca *.gstatic.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.googlesyndication.com *.doubleclick.net *.newrelic.com *.nr-data.net *.hotjar.com api.learnerverified.com app.learnerverified.com *.stripe.com *.twitter.com *.twimg.com *.walkme.com *.getjaco.com 'nonce-MQx9ZzxHijk3EjLpVUK9a5/CNPe7D2mf4RZDIvxEOrU='; style-src 'self' 'unsafe-inline' d5vbshbduovn.cloudfront.net use.fontawesome.com fonts.googleapis.com *.twitter.com *.twimg.com; report-uri https://yardstick.report-uri.io/r/default/csp/reportOnly
X-Permitted-Cross-Domain-Policies: none
X-Download-Options: noopen
X-Frame-Options: sameorigin
Etag: W/"ee019faac45723da3f04938a45dcc1df"
X-Request-Id: bab02d24-fc19-4930-98e3-365db3316880