Server | Apache |
Content-Security-Policy | default-src 'self' *.google.com http://www.youtube.com http://vars.hotjar.com http://*.doubleclick.net http://*.sharethis.com http://*.reviews.co.uk http://*.facebook.com http://*.twitter.com http://*.twimg.com *.google.com https://www.youtube.com https://vars.hotjar.com https://*.doubleclick.net https://*.sharethis.com https://*.reviews.co.uk https://*.facebook.com https://*.twitter.com https://*.twimg.com; connect-src 'self' *.doubleclick.net http://*.hotjar.com http://*.feefo.com *.doubleclick.net https://*.hotjar.com https://*.feefo.com; font-src 'self' *.feefo.com http://*.reevoo.com http://*.gstatic.com http://*.bootstrapcdn.com data: *.feefo.com https://*.reevoo.com https://*.gstatic.com https://*.bootstrapcdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com http://www.googletagmanager.com http://www.google-analytics.com http://www.gstatic.com http://nexus.ensighten.com http://*.googleapis.com http://*.googleadservices.com http://*.doubleclick.net http://*.cloudflare.com http://*.sharethis.com http://*.hotjar.com http://*.reevoo.com http://*.feefo.com http://*.facebook.net http://*.facebook.com http://*.first.co.uk http://*.webtrends.com http://*.webtrendslive.com http://*.comparethemarket.com http://*.reviews.co.uk http://*.ckeditor.com http://*.github.io http://*.omguk.com http://*.bing.com http://*.twitter.com http://*.twimg.com http://*.syndication.twimg.com *.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.gstatic.com https://nexus.ensighten.com https://*.googleapis.com https://*.googleadservices.com https://*.doubleclick.net https://*.cloudflare.com https://*.sharethis.com https://*.hotjar.com https://*.reevoo.com https://*.feefo.com https://*.facebook.net https://*.facebook.com https://*.first.co.uk https://*.webtrends.com https://*.webtrendslive.com https://*.comparethemarket.com https://*.reviews.co.uk https://*.ckeditor.com https://*.github.io https://*.omguk.com https://*.bing.com https://*.twitter.com https://*.twimg.com https://*.syndication.twimg.com; img-src 'self' www.google.co.uk http://www.google-analytics.com http://www.googletagmanager.com http://*.facebook.com http://*.google.com http://*.googleapis.com http://*.amazonaws.com http://*.doubleclick.net http://*.sharethis.com http://*.feefo.com http://*.first.co.uk http://*.webtrends.com http://*.webtrendslive.com http://*.comparethemarket.com http://*.cloudflare.com http://*.reevoo.com http://*.gravatar.com http://*.gstatic.com http://*.ckeditor.com http://*.tagserve.com http://*.bing.com http://*.pingdom.com http://*.omguk.com http://*.twitter.com http://*.twimg.com www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.amazonaws.com https://*.doubleclick.net https://*.sharethis.com https://*.feefo.com https://*.first.co.uk https://*.webtrends.com https://*.webtrendslive.com https://*.comparethemarket.com https://*.cloudflare.com https://*.reevoo.com https://*.gravatar.com https://*.gstatic.com https://*.ckeditor.com https://*.tagserve.com https://*.bing.com https://*.pingdom.com https://*.omguk.com https://*.twitter.com https://*.twimg.com data:; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com http://cdnjs.cloudflare.com http://mark.reevoo.com http://*.googleapis.com http://*.sharethis.com http://*.first.co.uk http://*.reevoo.com http://*.ckeditor.com http://*.google.com http://*.gstatic.com http://*.github.io http://*.twitter.io http://*.twitter.com http://*.twimg.com maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://mark.reevoo.com https://*.googleapis.com https://*.sharethis.com https://*.first.co.uk https://*.reevoo.com https://*.ckeditor.com https://*.google.com https://*.gstatic.com https://*.github.io https://*.twitter.io https://*.twitter.com https://*.twimg.com blob: |
Referrer-Policy | strict-origin-when-cross-origin |
X-Frame-Options | SAMEORIGIN |
X-XSS-Protection | 1; mode=block |
Expires | Thu, 19 Nov 1981 08:52:00 GMT |
Cache-Control | no-store, no-cache, must-revalidate, post-check=0, pre-check=0 |
Pragma | no-cache |
Vary | Accept-Encoding |
Content-Encoding | gzip |
X-UA-Compatible | IE=Edge,chrome=1 |
Connection | close |
Content-Type | text/html |
Strict-Transport-Security | max-age=15552000; includeSubDomains |