Content-Security-Policy | default-src 'self' https://vscale.io; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://platform.twitter.com https://vscale.io https://www.google-analytics.com https://mc.yandex.ru https://www.googletagmanager.com https://www.googleadservices.com; img-src 'self' data: https://vscale.io https://t.co https://analytics.twitter.com https://www.google-analytics.com https://stats.g.doubleclick.net https://mc.yandex.ru; font-src 'self' data: https://vscale.io; connect-src https://googleads.g.doubleclick.net https://mc.yandex.ru; style-src 'self' https://vscale.io 'unsafe-inline'; frame-src https://googleads.g.doubleclick.net https://www.google.com https://www.google.ru https://www.google.com.ua https://www.google.by; upgrade-insecure-requests; reflected-xss block; report-uri https://report-uri.io/report/2c02de9b218e2554e1764cf2348e1ed9; |