Content-Security-Policy | img-src 'self' *.hotjar.com http://www.artimage.org.uk http://artimage.org.uk http://d1e2kq1i6pwuuf.cloudfront.net https://d1e2kq1i6pwuuf.cloudfront.net https://d3og7jzzujajeu.cloudfront.net/ *.pinterest.com stats.g.doubleclick.net *.twimg.com www.google-analytics.com *.facebook.com *.twitter.com t.co secure.worldpay.com data:; script-src 'self' mare.io *.googletagmanager.com *.hotjar.com *.pinterest.com player.vimeo.com www.gstatic.com www.google.com *.google-analytics.com ajax.googleapis.com connect.facebook.net platform.twitter.com cdn.syndication.twimg.com static.ads-twitter.com analytics.twitter.com secure.worldpay.com *.livechatinc.com d3og7jzzujajeu.cloudfront.net data: 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' www.gstatic.com platform.twitter.com *.twimg.com d3og7jzzujajeu.cloudfront.net; frame-src 'self' *.issuu.com *.youtube.com *.hotjar.com *.soundcloud.com *.pinterest.com player.vimeo.com www.google.com *.facebook.com platform.twitter.com syndication.twitter.com *.livechatinc.com; font-src 'self' *.hotjar.com *.livechatinc.com *.googleusercontent.com; connect-src 'self' *.hotjar.com *.facebook.com *.twitter.com explore.visii.com; default-src 'self'; |