date | Tue, 10 Jun 2025 20:06:54 GMT |
content-type | text/html; charset=utf-8 |
content-encoding | zstd |
cache-control | private |
content-security-policy | base-uri 'none'; block-all-mixed-content; connect-src 'self' accounts.google.com maps.googleapis.com smallbusinesssaturdayuk.com *.constantcontact.com *.ctctcdn.com *.google-analytics.com *.stripe.com videodelivery.net; default-src blob:; font-src 'self' data: fonts.gstatic.com; form-action 'self' *.facebook.com; frame-ancestors none; frame-src 'self' *.facebook.com *.google.com *.stripe.com *.travelsmarter.net *.videodelivery.net player.vimeo.com; img-src 'self' data: small-business-saturday.s3-eu-west-1.amazonaws.com *.blogspot.com *.etsystatic.com *.facebook.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googleusercontent.com *.gstatic.com *.stripe.com *.tripadvisor.com videodelivery.net *.videodelivery.net *.vimeocdn.com *.ytimg.com; manifest-src 'self'; media-src 'self'; object-src 'none'; script-src 'self' blob: 'nonce-S2VuTWNDYWxsdW1DU1BOb25jZQ==' *.addthis.com *.cloudflare.com *.ctctcdn.com *.facebook.net *.google.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.jscache.com *.stripe.com *.tacdn.com *.tripadvisor.com *.videodelivery.net; style-src 'self' 'unsafe-inline' *.ctctcdn.com accounts.google.com fonts.googleapis.com *.myfonts.net *.tacdn.com; upgrade-insecure-requests |
referrer-policy | strict-origin |
strict-transport-security | max-age=31536000; includeSubDomains |
x-content-type-options | nosniff |
x-frame-options | SAMEORIGIN |
x-permitted-cross-domain-policies | none |
x-xss-protection | 1; mode=block |
permissions-policy | accelerometer=(self), camera=(self), fullscreen=(self "https://player.vimeo.com"), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), sync-xhr=(self), usb=(self) |
access-control-allow-origin | * |
access-control-allow-methods | GET, PUT, POST, DELETE, HEAD, OPTIONS |
access-control-allow-credentials | true |
access-control-allow-headers | X-Requested-With, origin, content-type, accept |
cf-cache-status | DYNAMIC |
server-timing | cfCacheStatus;desc="DYNAMIC" |
report-to | {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G5n204Fdu7uooDjODPBf2PRYi2LN9lrmv2qOlYfcelQIGTl1g%2BKqpvpPAnM5oNess569zaJXXsD%2BE2GGM0iVsHxjnNIF817x%2BhHh5lbZzmQjOUCIfOs7ysExLDn7sdZZjC5GuXY2SAFUdQ%3D%3D"}],"group":"cf-nel","max_age":604800} |
nel | {"success_fraction":0,"report_to":"cf-nel","max_age":604800} |
server | cloudflare |
cf-ray | 94db7df028db9eea-CDG |
alt-svc | h3=":443"; ma=86400 |
statuscode | 200 |
http_version | HTTP/2 |
(Nice to have)