Accept-Ranges | bytes |
Cache-control | public, max-age=600, no-cache="set-cookie" |
Content-Encoding | gzip |
Content-Security-Policy | script-src 'self' https://api.bitgo.com https://www.google-analytics.com https://*.googleadservices.com https://*.mxpnl.com https://api.mixpanel.com https://connect.facebook.net http://connect.facebook.net https://*.stripe.com https://d7630u3gvmjyq.cloudfront.net;style-src 'self';font-src 'self';img-src 'self' data: https://www.google.com https://*.gstatic.com https://www.google-analytics.com https://*.googleadservices.com https://googleads.g.doubleclick.net https://app.getsentry.com https://*.gravatar.com https://*.facebook.com;connect-src 'self' https://api.bitgo.com https://www.google-analytics.com https://*.googleadservices.com https://*.mxpnl.com https://api.mixpanel.com https://connect.facebook.net http://connect.facebook.net https://www.bitgo.com https://shapeshift.io;report-uri /csp/report; |
Content-Type | text/html; charset=UTF-8 |
ETag | W/"3dc8-1859966342" |
Last-Modified | Tue, 03 Nov 2015 01:06:32 GMT |
Server | nginx/1.6.2 |
Strict-Transport-Security | max-age=31536000 |
Vary | Accept-Encoding |
X-Content-Type-Options | nosniff |
X-Frame-Options | deny |
X-XSS-Protection | 1; mode=block |
Connection | keep-alive |