Content-Security-Policy | default-src 'self' 'unsafe-inline' https://client.crisp.im *.vimeo.com; connect-src 'self' https://bnc.lt wss://ins5.hotjar.com https://insights.hotjar.com/ https://api.branch.io wss://client.relay.crisp.im wss://*.zopim.com wss://de08.zopim.com; script-src 'self' *.adnxs.com *.azame.net https://bnc.lt https://script.hotjar.com https://static.hotjar.com https://client.crisp.im https://v2.zopim.com https://api.branch.io https://app.link https://cdn.branch.io 'unsafe-inline' 'unsafe-eval' *.google-analytics.com https://assets.zendesk.com https://connect.facebook.net; img-src 'self' data: https://image.crisp.im https://client.crisp.im https://v2assets.zopim.io https://v2.zopim.com https://blog.epiderm.co https://dtouty06shoq9.cloudfront.net https://play.google.com https://epiderm.co https://stats.g.doubleclick.net *.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com; style-src 'self' 'unsafe-inline' https://client.crisp.im https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com https://assets.zendesk.com; font-src 'self' data: https://client.crisp.im themes.googleusercontent.com fonts.gstatic.com https://v2.zopim.com https://maxcdn.bootstrapcdn.com https://themes.googleusercontent.com; frame-src https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://player.vimeo.com; object-src 'none' |