Content-Security-Policy | default-src 'self' https://stats.g.doubleclick.net https://*.sharethis.com https://code.jquery.com https://www.google.com https://www.google.nl https://google-analytics.com https://*.google-analytics.com https://*.googleapis.com https://*.gstatic.com https://*.gravatar.com https://*.w.org https://*.pay.nl http://*.hotjar.com:* https://*.hotjar.com:* ws://*.hotjar.com wss://*.hotjar.com https://bleeper.io/ https://pbs.twimg.com/ https://*.evennode.com wss://*.evennode.com data: 'unsafe-inline' 'unsafe-eval'; |