Content-Security-Policy | default-src 'self'; script-src 'self' *.googleadservices.com *.vcita.com *.gstatic.com *.google-analytics.com *.googletagmanager.com *.wp.com *.googleapis.com *.cloudflare.com *.tawk.to *.facebook.com *.tripadvisor.com *.hotjar.com *.jscache.com *.tacdn.com *.starfieldtech.com *.linkedin.com *.facebook.net *.youtube.com *.google.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' wss: *.google.com *.tawk.to; img-src 'self' data: *.imgur.com *.paypalobjects.com *.tacdn.com *.psychologytoday.com *.tripadvisor.com *.vcita.com *.googleapis.com *.wp.com *.tawk.to *.google-analytics.com *.googleadservices.com *.google.com *.doubleclick.net *.cloudflare.com *.gstatic.com; style-src 'self' data: 'unsafe-inline' *.tacdn.com *.vcita.com *.google.com *.wp.com *.googleapis.com *.cloudflare.com; font-src 'self' data: *.vcita.com *.wp.com *.gstatic.com *.cloudflare.com *.tawk.to; frame-src 'self' *.vcita.com *.tawk.to *.wp.com *.youtube.com *.youtube-nocookie.com *.google.com *.gstatic.com; |