server: |
nginx |
date: |
Sat, 05 Oct 2024 20:23:01 GMT |
content-type: |
text/html; charset=UTF-8 |
transfer-encoding: |
chunked |
connection: |
close |
vary: |
Accept-Encoding |
set-cookie: |
PHPSESSID=3ottdm47tg0m2fauu7sgik9s5h; expires=Sat, 05-Oct-2024 21:23:01 GMT; Max-Age=3600; path=/; domain=www.davidmellordesign.com; secure; HttpOnly; SameSite=Lax |
pragma: |
no-cache |
cache-control: |
max-age=0, must-revalidate, no-cache, no-store |
expires: |
Thu, 05 Oct 2023 15:46:41 GMT |
content-security-policy-report-only: |
font-src fonts.gstatic.com *.stripe.com *.google.com *.sagepay.com *.opayo.eu.elavon.com *.fontawesome.com data: 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com *.google.com *.stripe.com *.sagepay.com *.opayo.eu.elavon.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https://www.google.com/recaptcha/ bid.g.doubleclick.net *.google.com *.stripe.com *.sagepay.com *.opayo.eu.elavon.com *.dnp-cdms.jp *.revolut.com *.bankserv.co.za *.swisscard.ch *.six-group.com *.marqeta.com *.cardinalcommerce.com *.wlp-acs.com *.imbank.com *.tsys.co.uk *.sia.eu *.garanti.com.tr *.commerzbank.de *.cmbchina.com *.alahli.com *.mycardsecure.com *.gps.com.bh *.citibank.com *.wibmo.com *.dkb.de *.monzo.com *.alinma.com *.nccc.com.tw 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com *.ftcdn.net *.behance.net data: www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com validator.swagger.io *.clarity.ms *.bing.com *.newrelic.com *.js-agent.newrelic.com *.eu01.nr-data.net *.nr-data.net *.doubleclick.net *.g.doubleclick.net googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.google-analytics.com *.analytics.google.com g.doubleclick.net *.google.com *.google *.googletagmanager.com maps.googleapis.com maps.gstatic.com *.googleadservices.com cdn.ckeditor.com *.stripe.com ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com *.sagepay.com *.paypal.com *.opayo.eu.elavon.com *.loqate.com *.pcapredict.com *.postcodeanywhere.co.uk *.addressy.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.sandbox.paypal.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ *.clarity.ms *.bing.com *.newrelic.com *.js-agent.newrelic.com *.eu01.nr-data.net *.nr-data.net *.doubleclick.net *.g.doubleclick.net googleads.g.doubleclick.net *.google-analytics.com *.googletagmanager.com maps.googleapis.com cdn.ckeditor.com/ *.stripe.com *.google.com chimpstatic.com downloads.mailchimp.com *.list-manage.com *.sagepay.com *.opayo.eu.elavon.com *.loqate.com *.pcapredict.com *.postcodeanywhere.co.uk *.addressy.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com/ cdn.ckeditor.com/ *.stripe.com *.google.com downloads.mailchimp.com *.sagepay.com *.opayo.eu.elavon.com *.loqate.com *.pcapredict.com *.postcodeanywhere.co.uk *.addressy.com *.fontawesome.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com *.clarity.ms *.bing.com *.newrelic.com *.js-agent.newrelic.com *.eu01.nr-data.net *.nr-data.net *.doubleclick.net *.g.doubleclick.net www.googleadservices.com *.google-analytics.com *.analytics.google.com *.google.com *.google maps.googleapis.com/ *.stripe.com *.sagepay.com *.paypal.com *.opayo.eu.elavon.com *.loqate.com *.pcapredict.com *.postcodeanywhere.co.uk *.addressy.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; |
strict-transport-security: |
max-age=31536000, max-age=31536000; includeSubDomains |
content-security-policy: |
upgrade-insecure-requests; |
x-content-type-options: |
nosniff |
x-xss-protection: |
1; mode=block |
x-frame-options: |
SAMEORIGIN |