| Cache-Control | max-age=0, no-cache, no-store, must-revalidate |
| Pragma | no-cache |
| Transfer-Encoding | chunked |
| Content-Type | text/html; charset=utf-8 |
| Content-Encoding | gzip |
| Expires | Sat, 10 Feb 2018 05:41:52 GMT |
| Last-Modified | Sat, 10 Feb 2018 05:41:52 GMT |
| Vary | Cookie |
| Server | nginx |
| Content-Security-Policy | img-src 'self' blob: www.google-analytics.com *.inspectlet.com data: gyana.co.uk *.mapbox.com *.clearbit.com *.stripe.com; child-src *.driftt.com *.hotjar.com *.mapbox.com 'self' blob: *; frame-src *.driftt.com *.hotjar.com *.mapbox.com *.stripe.com; style-src 'self' blob: maxcdn.bootstrapcdn.com cdnjs.cloudflare.com 'unsafe-inline' api.mapbox.com unpkg.com gyana.co.uk use.fontawesome.com unpkg.com *.mapbox.com *.stripe.com; worker-src 'self' localhost blob: *.mapbox.com *.stripe.com; connect-src 'self' *.inspectlet.com wss://*.inspectlet.com/ *.driftt.com *.hotjar.com wss://*.hotjar.com/ *.mapbox.com *.clearbit.com use.fontawesome.com *.stripe.com; script-src 'self' ajax.googleapis.com maxcdn.bootstrapcdn.com www.google.com www.gstatic.com maps.googleapis.com cdnjs.cloudflare.com 'unsafe-inline' 'unsafe-eval' www.google-analytics.com *.inspectlet.com cdn.plot.ly api.mapbox.com gyana.co.uk *.mapbox.com use.fontawesome.com *.driftt.com *.hotjar.com *.stripe.com; default-src 'self' maxcdn.bootstrapcdn.com cdnjs.cloudflare.com ajax.googleapis.com www.google.com 'self' blob: *; font-src 'self' blob: data:* cdnjs.cloudflare.com maxcdn.bootstrapcdn.com at.alicdn.com use.fontawesome.com *.stripe.com |
| X-Frame-Options | SAMEORIGIN |