Access-Control-Allow-Credentials | false |
Access-Control-Allow-Headers | DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type |
Access-Control-Allow-Methods | GET, OPTIONS |
Cache-Control | max-age=0, private, must-revalidate |
Content-Encoding | gzip |
Content-Security-Policy | default-src 'self'; base-uri 'self'; child-src 'self' *.clientvine.com *.clientvines.com *.clientvine.net *.clientvines.net *.cardprocessingproposal.com googleads.g.doubleclick.net www.google.com share.intercom.io www.youtube.com player.vimeo.com fast.wistia.net api.recurly.com docs.google.com d1xgxbgdoyv0hs.cloudfront.net; connect-src 'self' *.clientvine.com *.clientvines.com *.clientvine.net *.clientvines.net *.cardprocessingproposal.com api.intercom.io api-iam.intercom.io api-ping.intercom.io nexus-websocket-a.intercom.io nexus-websocket-b.intercom.io nexus-long-poller-a.intercom.io nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com d1xgxbgdoyv0hs.cloudfront.net; font-src 'self' *.clientvine.com *.clientvines.com *.clientvine.net *.clientvines.net *.cardprocessingproposal.com use.fontawesome.com js.intercomcdn.com fonts.gstatic.com d29tza66wmzepi.cloudfront.net d1xgxbgdoyv0hs.cloudfront.net; img-src 'self' data: *.clientvine.com *.clientvines.com *.clientvine.net *.clientvines.net *.cardprocessingproposal.com www.google-analytics.com 'unsafe-inline' js.intercomcdn.com static.intercomassets.com uploads.intercomcdn.com uploads.intercomusercontent.com s3.amazonaws.com d29tza66wmzepi.cloudfront.net d1xgxbgdoyv0hs.cloudfront.net; media-src 'self' *.clientvine.com *.clientvines.com *.clientvine.net *.clientvines.net *.cardprocessingproposal.com js.intercomcdn.com d29tza66wmzepi.cloudfront.net d1xgxbgdoyv0hs.cloudfront.net; script-src 'self' *.clientvine.com clientvine.com *.clientvines.com *.clientvine.net *.clientvines.net *.cardprocessingproposal.com use.fontawesome.com www.google-analytics.com 'unsafe-eval' 'unsafe-inline' app.intercom.io widget.intercom.io js.intercomcdn.com s7.addthis.com js.recurly.com d29tza66wmzepi.cloudfront.net www.googleadservices.com d1xgxbgdoyv0hs.cloudfront.net; style-src 'self' *.clientvine.com *.clientvines.com *.clientvine.net *.clientvines.net *.cardprocessingproposal.com 'unsafe-inline' use.fontawesome.com fonts.googleapis.com d29tza66wmzepi.cloudfront.net d1xgxbgdoyv0hs.cloudfront.net |
Content-Type | text/html; charset=utf-8 |
ETag | W/"479c55e6bd7f9c1ec6729e4ba2b9b67c" |
Referrer-Policy | origin-when-cross-origin |
Server | nginx + Phusion Passenger 5.1.3 |
Status | 200 OK |
Strict-Transport-Security | max-age=631139040; includeSubdomains; preload |
X-Content-Type-Options | nosniff |
X-Download-Options | noopen |
X-Frame-Options | sameorigin |
X-Permitted-Cross-Domain-Policies | none |
X-Powered-By | Phusion Passenger 5.1.3 |
X-Request-Id | 079e401d-462b-4e59-9e59-77983568065c |
X-Runtime | 0.009385 |
X-XSS-Protection | 1; mode=block |
transfer-encoding | chunked |
Connection | keep-alive |