Open
Cached
·
14h ago
10
directives
Content-Security-Policy
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bat.bing-int.com/ https://t.gatorleads.co.uk/ https://hcaptcha.com https://*.hcaptcha.com https://static.zohocdn.com https://js.zohocdn.com/ https://salesiq.zohopublic.eu *.googleoptimize.com *.hotjar.com *.puzzel.com *.vps.net *.bing.com *.twitter.com *.linkedin.com *.google.com *.addthisedge.com *.prfct.co *.addthis.com *.getclicky.com *.facebook.net *.marinsm.com *.hotjar.com *.gstatic.com *.googletagmanager.com *.jquery.com *.trustpilot.com *.uk2group.com *.google-analytics.com *.pingdom.net *.qualtrics.com *.visualwebsiteoptimizer.com *.typeform.com; img-src data: blob: 'self' https://bat.bing.net/ https://css.zohocdn.com https://static.zohocdn.com https://eu1-files.zohopublic.eu/ *.hotjar.com *.uk2group.com *.puzzel.com *.bing.com *.adnxs.com *.pubmatic.com *.marinsm.com *.yahoo.com *.openx.net *.prfct.co *.vps.net *.facebook.com *.gravatar.com *.visualwebsiteoptimizer.com *.google-analytics.com *.doubleclick.net *.pingdom.net *.google.com; font-src 'self' data: https://css.zohocdn.com/ https://static.zohocdn.com/ *.hotjar.com *.vps.net *.gstatic.com maxcdn.bootstrapcdn.com *.puzzel.com *.visualwebsiteoptimizer.com; style-src 'self' https://hcaptcha.com https://*.hcaptcha.com *.vps.net https://static.zohocdn.com/ https://css.zohocdn.com/ optimize.google.com *.googleoptimize.com *.bootstrapcdn.com *.googleapis.com *.puzzel.com *.visualwebsiteoptimizer.com *.typeform.com 'unsafe-inline'; connect-src https://hcaptcha.com https://*.hcaptcha.com https://www.google.com/ https://stats.g.doubleclick.net/ https://bat.bing.com/ https://bat.bing.net/ https://www.facebook.com/ https://surveystats.hotjar.io/ https://status.uk2.net/ https://salesiq.zohopublic.eu/ *.google-analytics.com livechat.uk2group.com *.hotjar.com script.hotjar.com wss://ws1.hotjar.com wss://ws2.hotjar.com wss://ws3.hotjar.com wss://ws4.hotjar.com graylog.hotjar.com:12443 *.addthis.com dev.visualwebsiteoptimizer.com *.puzzel.com *.twitter.com *.trustpilot.com *.pingdom.net *.hotjar.com *.vps.net wss://ws4.hotjar.com 'self'; child-src *.vps.net *.uk2group.com *.puzzel.com *.visualwebsiteoptimizer.com; object-src 'self' *.vps.net *.puzzel.com *.visualwebsiteoptimizer.com; frame-src https://www.googletagmanager.com/ salesiq.zohopublic.eu https://hcaptcha.com https://*.hcaptcha.com *.hotjar.com *.google.com *.uk2group.com *.twitter.com *.addthis.com *.puzzel.com *.trustpilot.com *.facebook.com *.hotjar.com *.typeform.com; default-src 'self' *.puzzel.com *.vps.net; media-src data: https://static.zohocdn.com *.puzzel.com;
script-src
Keyword
—
'self'
script-src
Keyword
—
'unsafe-inline'
script-src
Keyword
—
'unsafe-eval'
script-src
Host
—
script-src
Host
—
script-src
Host
—
img-src
Scheme
—
data:
img-src
Scheme
—
blob:
img-src
Keyword
—
'self'
img-src
Host
—
img-src
Host
—
font-src
Keyword
—
'self'
font-src
Scheme
—
data:
style-src
Keyword
—
'self'
style-src
Keyword
—
'unsafe-inline'
connect-src
Keyword
—
'self'
child-src
Host
—
object-src
Keyword
—
'self'
frame-src
Host
—
default-src
Keyword
—
'self'
media-src
Scheme
—
data:
Content-Security-Policy-Report-Only
No report-only CSP headers found.