Content-Security-Policy | default-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com ajax.aspnetcdn.com static.hotjar.com script.hotjar.com *.smartlook.com embed.tawk.to https://www.google-analytics.com cdn.jsdelivr.net;style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com https://fonts.googleapis.com cdn.jsdelivr.net;img-src 'self' stats.g.doubleclick.net *.tawk.to https://www.google-analytics.com http://theme.stepofweb.com;frame-src vars.hotjar.com va.tawk.to;font-src 'self' maxcdn.bootstrapcdn.com https://fonts.gstatic.com *.tawk.to;connect-src 'self' *.hotjar.com ws://*.hotjar.com graylog.hotjar.com *.getsmartlook.com *.smartlook.com static-v.tawk.to *.tawk.to wss://*.tawk.to https://*.tawk.to;form-action 'self';report-uri /WebResource.axd?cspReport=true |