HTTP/1.1 200 OK
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Content-Security-Policy: default-src 'self' staging.stewardshipcommons.com dh-production.azurefd.net localhost; script-src *.googleapis.com *.gstatic.com www.google.com apis.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js cdnjs.cloudflare.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com unpkg.com/@frontify/ *.cloudinary.com az416426.vo.msecnd.net https://staging.stewardshipcommons.com http://staging.stewardshipcommons.com *.stewardshipcommons.com 'self' web-chat.nativechat.com https://cdn.insight.sitefinity.com https://dec.azureedge.net https://player.vimeo.com/api/player.js https://www.youtube.com/iframe_api cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ *.twimg.com staging.stewardshipcommons.com 'self' web-chat.nativechat.com https://cdn.insight.sitefinity.com https://dec.azureedge.net 'unsafe-inline'; img-src *.gstatic.com *.googleapis.com platform.tumblr.com web.facebook.com www.facebook.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.eloqua.com track.hubspot.com *.frontify.com *.cloudinary.com staging.stewardshipcommons.com http://staging.stewardshipcommons.com 'self' web-chat.nativechat.com https://cdn.insight.sitefinity.com https://dec.azureedge.net *.google-analytics.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: staging.stewardshipcommons.com; connect-src data: accounts.google.com *.google-analytics.com *.gstatic.com *.mktoresp.com *.frontify.com *.cloudinary.com https://dc.services.visualstudio.com/v2/track staging.stewardshipcommons.com 'self' https://*.insight.sitefinity.com https://*.dec.sitefinity.com; media-src 'self' data: blob: *.frontify.com *.cloudinary.com staging.stewardshipcommons.com; child-src *.frontify.com cloudinary.com *.cloudinary.com staging.stewardshipcommons.com 'self' web-chat.nativechat.com
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Permissions-Policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: autoplay=self
Date: Tue, 18 Mar 2025 19:25:30 GMT
