Content-Type | text/html; charset=utf-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Status | 200 OK |
Cache-Control | no-cache, no-store |
X-Request-Id | 36fdec34-c9f8-48a6-bd82-222cd803e49a |
X-Runtime | 0.007491 |
Content-Security-Policy | default-src https:; connect-src 'self' www.google-analytics.com; font-src 'self' data: fonts.gstatic.com; img-src 'self' data: *.s3.amazonaws.com www.google-analytics.com www.trustlogo.com trustlogo.com www.collectnow.com q.stripe.com appcenter.intuit.com d.adroll.com secure.comodo.com www.facebook.com cm.g.doubleclick.net ib.adnxs.com x.bidswitch.net us-u.openx.net; script-src 'self' 'unsafe-eval' 'unsafe-inline' www.googleadservices.com *.trustlogo.com *.adroll.com www.google-analytics.com appcenter.intuit.com *.stripe.com trustlogo.com secure.comodo.com googleads.g.doubleclick.net connect.facebook.net www.google.com; style-src 'unsafe-inline' 'self' appcenter.intuit.com |
Strict-Transport-Security | max-age=631138519 |
X-Content-Type-Options | nosniff |
X-Download-Options | noopen |
X-Frame-Options | sameorigin |
X-Permitted-Cross-Domain-Policies | none |
X-XSS-Protection | 1; mode=block |
X-Powered-By | Phusion Passenger 4.0.60 |
Server | nginx/1.8.1 + Phusion Passenger 4.0.60 |
Content-Encoding | gzip |