Cache-Control | private |
Content-Type | text/html |
Content-Encoding | gzip |
Vary | Accept-Encoding |
P3P | CP="NON DSP COR CURa TAIa OUR NOR IND UNI COM NAV INT" |
Content-Security-Policy | upgrade-insecure-requests; script-src 'self' 'unsafe-inline' https://*.harveynash.com http://*.harveynash.com https://ajax.googleapis.com http://ajax.googleapis.com https://www.google-analytics.com http://www.google-analytics.com https://*.formstack.com http://*.formstack.com https://*.googleadservices.com http://*.googleadservices.com http://cdnjs.cloudflare.com https://www.googleapis.com http://www.flickr.com/badge_code_v2.gne http://platform.twitter.com https://cdn.syndication.twimg.com https://use.fontawesome.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ http://api.filestackapi.com/ https://code.jquery.com/ |
X-XSS-Protection | 1; mode=block |
X-Content-Type-Options | nosniff |
Referrer-Policy | strict-origin-when-cross-origin |
X-FRAME-OPTIONS | DENY |
Strict-Transport-Security | max-age=15552001; includeSubDomains; preload |