HTTP Headers for coinbase.com

Responds with HTTP 200 from cloudflare — 5 of 6 security headers present.

200 https://www.coinbase.com/
Security Headers: 5/6
HSTS: present
CSP: present
X-Frame-Options: present
X-Content-Type-Options: present
Referrer-Policy: present
Permissions-Policy: missing
All Response Headers (24)
cache-control: no-store, no-cache, must-revalidate, max-age=0,no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 9f15facb1d6b398b-IAD
connection: close
content-encoding: br
content-security-policy: default-src 'self' https://login.coinbase.com https://www.coinbase.com https://sdk.onfido.com https://assets.onfido.com https://*.withpersona.com; child-src 'self' https://www.coinbase.com https://*.coinbase.com https://accounts.google.com/ https://www.googletagmanager.com/ https://static-assets.coinbase.com https://paywithmybank.com/start/ https://cdn1.paywithmybank.com/frontend/build/index.html https://fast.wistia.net https://ui.solaris-p.finleap.cloud https://fts-payment-initiation-wizard.solarisbank.de/ https://payment.truelayer.com https://*.online-metrix.net https://*.sardine.ai https://sdk.onfido.com/ https://*.cb-device-intelligence.com https://*.wpstn.com https://platform.twitter.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.net https://www.recaptcha.net https://cdn.plaid.com/link/ https://*.doubleclick.net/ blob: https://www.youtube.com https://player.vimeo.com/video/ https://widget.coinbase.com https://datawrapper.dwcdn.net/ https://widgets.marqeta.com https://*.paypal.com https://pay.google.com/ https://transact.atomicfi.com/ https://cb-monorail-legal-agreements-prod.s3.us-east-1.amazonaws.com https://alchemy.veriff.com https://price-table-widget.coinbase.com https://magic.veriff.me https://centinelapi.cardinalcommerce.com/V1/Cruise/Collect https://p2a.co/ https://docs.google.com/forms/ https://a.sprig.com/SmJKcmh5cDRYZX5zaWQ6YWE3ZDJhZjYtMjYxYS00NjkwLWE3ZWMtMGRjMGQyMGY2ZDk5 https://calendly.com/ https://link.tink.com/ https://jsv3.recruitics.com/ https://js.stripe.com/ https://*.withpersona.com; connect-src 'self' https://browser-intake-datadoghq.com/ https://accounts.google.com/gsi/ https://mfe.coinbase.com https://fp.coinbase.com https://www.coinbase.com https://api.coinbase.com https://api.cdp.coinbase.com https://api.custody.coinbase.com https://prime.coinbase.com https://accounts.coinbase.com https://international.coinbase.com https://exchange.coinbase.com 
https://cloud.coinbase.com https://market-data-asia.coinbase.com https://www.tradingview.com/snapshot/ https://c.riskified.com/v2/client_infos https://player.vimeo.com/api/player.js https://vimeo.com/api/oembed.json https://api.segment.io https://api.web3modal.org https://login.coinbase.com https://*.online-metrix.net https://api.cloudinary.com https://api.amplitude.com/ https://d3907m2cqladbn.cloudfront.net/ https://d1dwhf283nul1c.cloudfront.net/ https://exceptions.coinbase.com https://assets.coinbase.com/ https://sessions.coinbase.com/ https://assets.coinbase.com/ https://static-assets.coinbase.com/ https://cdnjs.cloudflare.com/ https://dynamic-assets.coinbase.com/ https://analytics.google.com https://*.google-analytics.com https://maps.googleapis.com https://translation.googleapis.com https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com/gtm.js https://www.googleadservices.com https://googleads.g.doubleclick.net https://people.googleapis.com https://dynamic-assets.coinbase.com https://published-assets.coinbase.com https://translations.coinbase.com https://translations.coinbase.com https://static.coinbase.com https://events-service.coinbase.com/amp https://events-service.coinbase.com/track-exposures https://events-service.coinbase.com/bugsnag https://events-service.coinbase.com/metrics https://as.coinbase.com/metrics https://as.coinbase.com/amp https://as.coinbase.com/bugsnag https://as.coinbase.com/track-exposures https://dp.coinbase.com/metrics https://dp.coinbase.com/amp https://dp.coinbase.com/bugsnag https://dp.coinbase.com/track-exposures https://*.braintree-api.com https://api.braintreegateway.com wss://ws.coinbase.com wss://ws.coinbase.com:443 https://www.coinbase.com/api https://cdn.contentful.com/ https://contentful.coinbase.com/ https://api.userleap.com/ https://api.sprig.com/ https://widgets.marqeta.com/client/api/v1/ https://assets.ctfassets.net/ https://images.ctfassets.net/ https://pay.google.com/ https://google.com/pay 
https://c.tvpixel.com/ https://p.tvpixel.com/ https://*.salesforce.com https://api.wallet.coinbase.com https://pulse.walletconnect.org https://verify.walletconnect.org https://mempool.space wss://relay.walletconnect.com wss://relay.walletconnect.org https://rpc.walletconnect.org https://explorer-api.walletconnect.com wss://www.walletlink.org https://metamask-sdk.api.cx.metamask.io/evt https://chain-proxy.wallet.coinbase.com/ https://api.onfido.com wss://sync.onfido.com https://sdk.onfido.com/ https://rba-authed-278491357830-production.s3.us-east-1.amazonaws.com/ https://go.wallet.coinbase.com/ https://cdn.sprig.com/session-replay/ https://as.coinbase.com/traces https://www.google.com/pay https://api2.branch.io https://pixel-config.reddit.com/pixels/a2_gn0ni8qm85z4/config https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/a2_gn0ni8qm85z4_telemetry https://conversions-config.reddit.com/v1/pixel/error https://px.ads.linkedin.com/attribution_trigger https://www.google.com/ccm/collect https://px.ads.linkedin.com/wa/ https://cdn.cookielaw.org/ https://geolocation.onetrust.com/ https://privacyportal.onetrust.com/ https://cookie-cdn.cookiepro.com/ https://consent-api.onetrust.com/ https://*.withpersona.com https://inquiry.withpersona.com https://wa.appsflyer.com https://websdk.appsflyer.com; font-src 'self' data: https://www.coinbase.com https://assets.coinbase.com/ https://fonts.gstatic.com/ https://card.coinbase.com/ https://static.coinbase.com https://static-assets.coinbase.com https://assets.ctfassets.net/ https://cdn.cookielaw.org/ https://geolocation.onetrust.com/ https://privacyportal.onetrust.com/ https://cookie-cdn.cookiepro.com/; img-src 'self' data: https://www.coinbase.com https://images.coinbase.com https://www.gstatic.com/ https://img.riskified.com/ https://play-lh.googleusercontent.com/ https://www.tradingview.com https://cdnjs.cloudflare.com/ https://sdk.onfido.com/ https://cdn.tink.se https://i.vimeocdn.com/video/ https://cdn.morpho.org/ 
https://d3907m2cqladbn.cloudfront.net/ https://d392zik6ho62y0.cloudfront.net/ https://d1dwhf283nul1c.cloudfront.net/ https://*.cloudfront.net/ https://static-assets.coinbase.com/ https://dynamic-assets.coinbase.com/ https://dynamic-assets.coinbase.com https://published-assets.coinbase.com https://exceptions.coinbase.com https://go.wallet.coinbase.com/ https://coinbase-uploads.s3.amazonaws.com https://asset-metadata-service-production.s3.amazonaws.com https://s3.amazonaws.com/app-public/ https://maps.gstatic.com https://ssl.google-analytics.com https://www.google.com https://maps.googleapis.com https://csi.gstatic.com https://www.google-analytics.com https://res.cloudinary.com https://secure.gravatar.com https://i2.wp.com https://*.online-metrix.net https://assets.coinbase.com/ https://ctf-images-01.coinbasecdn.net/ https://hexagon-analytics.com https://cb-brand.s3.amazonaws.com https://googleads.g.doubleclick.net https://stats.g.doubleclick.net/r/collect https://card.coinbase.com/ blob: https://static.coinbase.com https://www.facebook.com/tr/ https://images.ctfassets.net/ https://i.ytimg.com/vi/ https://*.paypal.com https://px.ads.linkedin.com https://www.linkedin.com/px https://p.adsymptotic.com/d/px https://atomicfi-public-production.s3.amazonaws.com https://cdn-public.atomicfi.com https://api.custody.coinbase.com/ https://help.coinbase.com/ https://truelayer-provider-assets.s3.amazonaws.com https://providers-assets.truelayer.com https://explorer-api.walletconnect.com https://alb.reddit.com/rp.gif https://px4.ads.linkedin.com/collect https://cdn.cookielaw.org/ https://geolocation.onetrust.com/ https://privacyportal.onetrust.com/ https://cookie-cdn.cookiepro.com/ https://downloads.ctfassets.net https://metadata.coinbase.com; media-src 'self' https://static-assets.coinbase.com/ https://d1dwhf283nul1c.cloudfront.net/ https://www.coinbase.com https://d392zik6ho62y0.cloudfront.net/ https://ctf-videos-01.coinbasecdn.net/ https://ctf-downloads-01.coinbasecdn.net/ 
https://ctf-images-01.coinbasecdn.net/ https://ctf-assets-01.coinbasecdn.net/ https://cdn.cookielaw.org/ https://geolocation.onetrust.com/ https://privacyportal.onetrust.com/ https://cookie-cdn.cookiepro.com/ https://videos.ctfassets.net/ blob:; object-src 'self' data: blob: https://www.coinbase.com https://*.online-metrix.net https://www.gstatic.com https://www.google.com/recaptcha/api/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.coinbase.com https://fp.coinbase.com/ https://www.googletagmanager.com/ https://accounts.google.com/gsi/client https://accounts.google.com/gsi/ https://*.sardine.ai https://beacon.riskified.com https://*.cb-device-intelligence.com https://player.vimeo.com/api/player.js https://sdk.onfido.com/ https://www.youtube.com/iframe_api https://www.youtube.com/s/player/ https://*.google-analytics.com https://www.google.com https://www.gstatic.com https://*.online-metrix.net https://maps.googleapis.com https://maps.gstatic.com https://cdn.plaid.com/link/ https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com/gtm.js https://static-assets.coinbase.com/international/trustly/ca/js/prod/paywithmybank.js https://www.googleadservices.com https://googleads.g.doubleclick.net https://assets.coinbase.com/ https://card.coinbase.com/ https://static.coinbase.com https://widget.coinbase.com https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/config/ https://static-assets.coinbase.com/js/ https://static-assets.coinbase.com/trading-view/ https://*.paypal.com https://images.ctfassets.net/ https://pay.google.com/ https://c.tvpixel.com/ https://p.tvpixel.com/ https://price-table-widget.coinbase.com https://jsv3.recruitics.com/0778138b-cc59-11ef-a514-fd1759833eec.js https://static.ads-twitter.com/oct.js https://platform.twitter.com/uwt.js https://static.ads-twitter.com/uwt.js https://redditstatic.com/ads/pixel.js https://www.redditstatic.com/ads/pixel.js 
https://snap.licdn.com/li.lms-analytics/insight.min.js https://cdn.cookielaw.org/ https://geolocation.onetrust.com/ https://privacyportal.onetrust.com/ https://cookie-cdn.cookiepro.com/ https://js.stripe.com/ https://static-assets.coinbase.com/ucpm/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.net https://www.recaptcha.net https://*.withpersona.com https://wa.appsflyer.com https://websdk.appsflyer.com; style-src 'self' 'unsafe-inline' https://accounts.google.com/gsi/ https://assets.coinbase.com https://www.coinbase.com https://sdk.onfido.com/ https://assets.coinbase.com/ https://static-assets.coinbase.com/trading-view/ https://card.coinbase.com/ https://static.coinbase.com https://go.wallet.coinbase.com https://cdn.cookielaw.org/ https://geolocation.onetrust.com/ https://privacyportal.onetrust.com/ https://cookie-cdn.cookiepro.com/ https://*.withpersona.com; frame-ancestors 'self' https://login.coinbase.com https://www.coinbase.com https://coinbase.com https://*.withpersona.com; report-uri /csp-logging
content-security-policy-report-only: default-src 'self' https://*.coinbase.com; child-src 'self' https://*.coinbase.com blob: https://pay.google.com/ https://cdn.plaid.com/link/ https://api.cb-device-intelligence.com https://p.cb-device-intelligence.com https://www.youtube.com https://inquiry.withpersona.com https://sdk.onfido.com/ https://fast.wistia.net https://c.paypal.com https://js.stripe.com/ https://accounts.google.com/; connect-src 'self' https://browser-intake-datadoghq.com/ https://*.coinbase.com wss://*.coinbase.com https://api.sprig.com/ https://c.riskified.com wss://www.walletlink.org https://cdn.cookielaw.org/ https://pay.google.com/ https://accounts.google.com/gsi/ https://ssl.google-analytics.com https://www.google-analytics.com https://geolocation.onetrust.com/ https://privacyportal.onetrust.com/ https://www.googletagmanager.com/gtag/js https://maps.googleapis.com https://api.onfido.com https://*.braintree-api.com https://explorer-api.walletconnect.com wss://sync.onfido.com https://www.google.com/pay; font-src * data: blob:; img-src * data: blob:; media-src * data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.coinbase.com https://cdn.cookielaw.org/ https://pay.google.com/ https://beacon.riskified.com https://api.cb-device-intelligence.com https://p.cb-device-intelligence.com https://accounts.google.com/gsi/client https://cdn.plaid.com/link/ https://www.googletagmanager.com/ https://maps.googleapis.com https://connect.facebook.net/en_US/fbevents.js https://ssl.google-analytics.com https://www.google-analytics.com https://sdk.onfido.com/ https://js.stripe.com/ https://c.paypal.com; style-src * data: blob: 'unsafe-inline'; frame-ancestors 'self' https://*.coinbase.com https://coinbase.com; report-uri /csp-logging-report-only
content-type: text/html; charset=utf-8
date: Fri, 24 Apr 2026 15:00:48 GMT
expect-ct: enforce, max-age=86400, report-uri="https://coinbase.report-uri.io/r/default/ct/reportOnly"
expires: 0,0
nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=de%2BWwVtBR3P9bprqbZi42uHT7iG1X4f%2F07r9ZUhSe%2BXhNS%2BmBeeYuDgW8cN2Hl%2FQyHSVbL3oGH19Wp1ozNjJ730oWrDppnu%2FoFYEh2xEfs3hcsZz0JL7NjdT4IEzumAq%2FUA%3D"}]}
server: cloudflare
set-cookie: _cfuvid=Pw3H9epLeV_j_qaahdTlO.dXAVIlzEn3jlmOUcZBjUA-1777042848.4971821-1.0.1.1-f5.QSXY7R2jfD0njMLzUEQfzPMlcitEjm20SE7SqQew; HttpOnly; SameSite=None; Secure; Path=/; Domain=coinbase.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
surrogate-control: no-store
trace-id: 6764391557942842258
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 0