Content-Security-Policy-Report-Only | default-src 'self';connect-src 'self';font-src 'self' data: fast.fonts.com fonts.gstatic.com s3.amazonaws.com;frame-src 'self' *.facebook.com *.twitter.com *.vimeo.com *.google.com;img-src 'self' data: *.google-analytics.com *.gstatic.com *.googleapis.com *.feedbackify.com bs.serving-sys.com *.pinterest.com *.pinimg.com *.twitter.com;media-src 'self';object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net *.googleapis.com apis.google.com maps.gstatic.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.feedbackify.com *.twitter.com bs.serving-sys.com *.pinterest.com s3.amazonaws.com;style-src 'self' 'unsafe-inline' *.googleapis.com fast.fonts.com cdn.jsdelivr.net;report-uri https://www.mixapparel.com.au/system/csp |