Content-Security-Policy | default-src 'self' http://*.xn--pga3b.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.xn--pga3b.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com https://*.facebook.net https://*.facebook.com https://*.twimg.com https://*.addthis.com http://maps.gstatic.com https://maps.gstatic.com http://maps.google.com https://maps.google.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.googleapis.com https://*.googleapis.com http://*.xn--pga3b.com https://*.xn--pga3b.com https://*.twitter.com https://*.addthis.com http://maps.gstatic.com https://maps.gstatic.com http://fonts.gstatic.com https://fonts.gstatic.com; img-src *; font-src 'self' http://fonts.gstatic.com https://fonts.gstatic.com; media-src *; frame-src *; object-src 'self'; connect-src 'self' ws://proto1.xn--pga3b.com http://*.xn--pga3b.com http://xn--pga3b.com https://graph.facebook.com; report-uri /csp |