Content-Security-Policy | default-src 'self'; script-src 'self' cdn.ravenjs.com use.typekit.net *.google-analytics.com *.hotjar.com *.clover.com client.crisp.chat; style-src 'self' 'unsafe-inline' use.typekit.net cdnjs.cloudflare.com *.clover.com client.crisp.chat; font-src 'self' data: use.typekit.net fonts.typekit.net static.hotjar.com *.clover.com client.crisp.chat; img-src 'self' data: blob: p.typekit.net *.google-analytics.com *.hotjar.com *.amazonaws.com *.clover.com *.crisp.chat; connect-src 'self' auth.tryflux.com api.tryflux.com api.test.tryflux.com performance.typekit.net http://*.hotjar.com:* https://*.hotjar.com:* ws://*.hotjar.com wss://*.hotjar.com *.amazonaws.com *.clover.com ws://client.relay.crisp.chat wss://client.relay.crisp.chat; frame-src *.youtube.com *.vimeo.com vars.hotjar.com *.tryflux.com *.clover.com; media-src 'self' client.crisp.chat |
X-DNS-Prefetch-Control | off |
X-Frame-Options | SAMEORIGIN |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Download-Options | noopen |
X-Content-Type-Options | nosniff |
Referrer-Policy | no-referrer |
X-XSS-Protection | 1; mode=block |
Cache-Control | public, max-age=0 |
Accept-Ranges | bytes |
Last-Modified | Mon, 04 Dec 2017 17:54:45 GMT |
ETag | W/"d3e-16022aa7688" |
Content-Type | text/html; charset=UTF-8 |
Vary | Accept-Encoding |
Content-Encoding | gzip |
Transfer-Encoding | chunked |