Content-Security-Policy | default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://coin-hive.com http://cdn.datatables.net https://assets.zendesk.com https://cdn.datatables.net http://ajax.cloudflare.com https://ajax.cloudflare.com https://cdnjs.cloudflare.com https://code.jquery.com https://connect.facebook.net https://ssl.google-analytics.com https://www.google-analytics.com https://www.gstatic.com ; img-src 'self' data: http://api.cr-api.com https://api.cr-api.com https://assets.zendesk.com https://cdn.datatables.net https://s-static.ak.facebook.com https://smlbiobot.github.io https://ssl.google-analytics.com https://stats.g.doubleclick.net https://www.google-analytics.com ; style-src 'self' 'unsafe-inline' http://fonts.googleapis.com https://assets.zendesk.com https://cdn.datatables.net http://cdn.datatables.net https://cdnjs.cloudflare.com https://fonts.googleapis.com https://www.gstatic.com ; font-src 'self' 'unsafe-inline' data: http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.gstatic.com https://themes.googleusercontent.com ; frame-src https://assets.zendesk.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://www.facebook.com ; object-src 'none'; connect-src 'self' wss: blob: http://cr-api.com https://coin-hive.com |