Server | nginx |
Content-Type | text/html;charset=utf-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Vary | Accept-Encoding |
Content-Security-Policy | default-src 'self' https://*.stripe.com https://*.stripecdn.com; child-src 'self' https://*.stripe.com https://*.stripecdn.com; style-src 'unsafe-inline' https://cloud.typography.com 'self' https://*.stripe.com https://*.stripecdn.com; img-src https://s3.amazonaws.com/stripe-uploads/ https://stripe-images.s3.amazonaws.com https://stripe-camo.global.ssl.fastly.net/ https://stats.g.doubleclick.net https://googleads.g.doubleclick.net/pagead/ https://www.google.com/ads/ https://secure.gravatar.com https://cdn.mxpnl.com https://i0.wp.com/dashboard.stripe.com/ https://i1.wp.com/dashboard.stripe.com/ https://i2.wp.com/dashboard.stripe.com/ https://i0.wp.com/a.stripecdn.com/ https://i1.wp.com/a.stripecdn.com/ https://i2.wp.com/a.stripecdn.com/ https://i0.wp.com/b.stripecdn.com/ https://i1.wp.com/b.stripecdn.com/ https://i2.wp.com/b.stripecdn.com/ https://stripe-underwriting-documents.s3.amazonaws.com https://ssl.gstatic.com/s2/oz/images/ data: https://www.google-analytics.com https://stripe-camo.global.ssl.fastly.net https://b-stripecdn-com-ions.test.edgekey.net https://edgecast.stripecdn.com https://a.stripecdn.com 'self' https://*.stripe.com https://*.stripecdn.com; frame-src https://s3.amazonaws.com/stripe-uploads https://s3.amazonaws.com/stripe-compliance-uploads https://googleads.g.doubleclick.net https://www.google.com/ads/ https://www.googleadservices.com/pagead/conversion/ https://netverify.com/widget/jumio-verify/ https://stripe-underwriting-documents.s3.amazonaws.com/ https://www.google.com/recaptcha/ https://cdn.plaid.com/link/ https://js.stripe.com/ 'self' https://*.stripe.com https://*.stripecdn.com; connect-src api.mixpanel.com https://netverify.com wss://verificator-main.stripe.com 'self' https://*.stripe.com https://*.stripecdn.com; object-src https://mpsnare.iesnare.com 'self' https://*.stripe.com https://*.stripecdn.com; font-src data: 'self' https://*.stripe.com https://*.stripecdn.com; script-src https://stats.g.doubleclick.net https://ajax.googleapis.com/ajax/libs/swfobject/ https://www.googleadservices.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/api2/ https://apis.google.com https://mpsnare.iesnare.com https://cdn.mxpnl.com https://netverify.com/widget/jumio-verify/ https://*.stripe.com https://www.google-analytics.com https://b-stripecdn-com-ions.test.edgekey.net https://edgecast.stripecdn.com https://a.stripecdn.com https://cdn.plaid.com/link/ 'self' https://*.stripe.com https://*.stripecdn.com; media-src 'self' https://*.stripe.com https://*.stripecdn.com; report-uri https://dashboard.stripe.com/security/csp-report; |
Stripe-Manage-Version | 2009-10-12 |
X-UA-Compatible | IE=Edge,chrome=1 |
Request-Id | 1498478141-mreq_AulLagHB1xgg4a |
X-Frame-Options | SAMEORIGIN |
Strict-Transport-Security | max-age=31556926; includeSubDomains |
Content-Encoding | gzip |