Values for content-security-policy-report-only:
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.blogger.com/cspreport 286
default-src *;script-src 'unsafe-inline' 'unsafe-eval' *;style-src 'unsafe-inline' *;connect-src * blob:;report-uri https://cdn.website-start.de/app/reporting/policyviolation/submit 233
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report 215
default-src data: https: 'unsafe-inline' 'unsafe-eval'; report-uri https://a3frkpbrnzxvdwnkpssx604n.httpschecker.net/report; report-to https://a3frkpbrnzxvdwnkpssx604n.httpschecker.net/report 112
default-src *;script-src 'unsafe-inline' 'unsafe-eval' *;style-src 'unsafe-inline' *;connect-src * blob:;report-uri https://cdn.initial-website.com/app/reporting/policyviolation/submit 90
default-src https:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport 65
report-uri /_/csp-reports/ 49
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; report-uri https://hi.report-uri.io/r/default/csp/reportOnly 42
default-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; report-uri https://firmsites.report-uri.com/r/t/csp/reportOnly 39
default-src https: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; report-uri https://studio.digital.vistaprint.com/csp/report/published 22
22
default-src ms-appx-web: data: blob: webviewprogressproxy: ws: wss: https: 'unsafe-inline' 'unsafe-eval'; font-src data: https: blob:; img-src http: https: data: blob: android-webview-video-poster: android-webview:; script-src blob: https: data: 'unsafe-inline' 'unsafe-eval'; media-src data: https: blob:; report-uri https://felix.data.tm-awx.com/cspReport 20
default-src 'self'; img-src *; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 20
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; report-uri https://xl86pc2ky3.execute-api.eu-central-1.amazonaws.com/prod/icorecspupload 19
default-src https: 'unsafe-inline' 'unsafe-eval' blob:; img-src https: data:; report-uri https://csp.archant.co.uk/report 18
block-all-mixed-content; report-uri /_/csp-reports 16
block-all-mixed-content; report-uri https://blog.hatena.ne.jp/api/csp_report 13
default-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; font-src https: data:; report-uri https://ls.getresponse.com/log/csp_report?source=www 12
child-src 'self' blob: *.animax.co.jp *.rubiconproject.com sony.molehand.eu www.google.com.mx sony-pictures-digital-productions-massrel.io tpc.googlesyndication.com js.fout.jp tg.socdm.com *.facebook.com *.doubleclick.net www.google.co.jp jp-u.openx.net *.amazon-adsystem.com www.google.com imgsrv.io *.tryinteract.com cache.send.microad.jp sony-pictures-digital-productions.massrel.io insight.adsrvr.org www.qzzr.com *.twitter.com spena.asia www.spena.asia *.doubleverify.com s0.2mdn.net embed.spotify.com content.tinypop.com api.movementventures.com www.boombox.com www.youtube.com www.instagram.com campaigns.superawesome.club *.onetvasia.com *.gemtvasia.com *.gemtvasia-kh.com *.gemtvasia-hk.com *.gemtvasia-id.com *.gemtvasia-ph.com *.gemtvasia-sg.com *.gemtvasia-th.com *.gemtvasia-vn.com *.axn-asia.com *.axn-taiwan.com *.sonychannelasia.com *.animax-asia.com *.animax-taiwan.com *.animaxhd-tw.com *.viasat3.hu *.gigya.com *.axn.hr *.axn-mk.com *.axn.rs *.axn.si *.axnspin.rs spattstorage-a.akamaihd.net *.viasat6.hu *.sonymoviechannel.com axn.de ad.adverticum.net ads.superawesome.tv *.google.ca *.animaxtv.co.kr *.hotjar.com us-east-1-ads.superawesome.tv stg-tve.hbopaseo.com axn.dmepass.com tve.hbopaseo.com *.theplatform.com bladecrawler.com cas.nl.eu.criteo.com dp-eu.bidswitch.net dsp.fout.jp gce-be.bidswitch.net www.youcaring.com ams.creativecdn.com analytics-google.net animax-jp.calreply.net api.qzzr.com api.weblio.jp b.men-q.men c1.adform.net cms.tinypop.com coub.com *.smartadserver.com embed.tumblr.com hkcenter.co.kr open.spotify.com pagead2.googlesyndication.com player.vimeo.com s.adroll.com sa-beta-ads-uploads-superawesome.netdna-ssl.com shortem.com sony-grid.noblink.net sparkflow-a.akamaihd.net www.googletagmanager.com www.googletagservices.com ads.nl.eu.criteo.com cdncache-a.akamaihd.net www.video2mp3.at 1087072589.rsc.cdn77.org ads.eu.criteo.com awesomeads-studio-production-superawesome.netdna-ssl.com b.oyster-green.com braip.com.br cas.eu.criteo.com cdn.tinypop.com connect.facebook.net coubsecureassets-a.akamaihd.net google.com imasdk.googleapis.com *.onetvasia-id.com net.ootil.fr pixel.mathtag.com ssum-sec.casalemedia.com templerunnernet-a.akamaihd.net utop.it www.playbuzz.com b.top-drawer-r.life client-cdn4.hola.org crushclanscom-a.akamaihd.net data2.marshadow.io maps.google.co.jp r.254a.com static.cmptch.com www.poup.com.br *.hit.gemius.pl sptn.votigo.com *.sonypicturethis.com *.sptna-dev.com instagram.com login.cinesony.it *.sprocket.bz *.s3.amazonaws.com eu-west-1-ads.superawesome.tv match.adsrvr.org s1.adform.net staging-cms.tinypop.com;        script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: secure-assets.rubiconproject.com *.sptndigital.com *.gigya.com tve.hbopaseo.com www.googletagservices.com *.doubleclick.net *.scorecardresearch.com partner.googleadservices.com *.google-analytics.com gscounters.us1.gigya.com ad.adverticum.net *.googlesyndication.com connect.facebook.net gdehu.hit.gemius.pl www.googletagmanager.com cybermap.kaspersky.com c.betrad.com sony.molehand.eu 3hub.co dsp.logly.co.jp ads.superawesome.tv bs.serving-sys.com n131adserv.com platform.massrelevance.com ras.reamp.com.br stg-tve.hbopaseo.com s0.2mdn.net rce.reamp.com.br www.gstatic.com platform.twitter.com www.googleadservices.com syndication.twitter.com *.tradelab.fr ib.adnxs.com  b92.yahoo.co.jp d-cache.microad.jp js.fout.jp secure-ds.serving-sys.com ssl.socdm.com tg.socdm.com servedby.openxmarket.jp *.doubleverify.com *.rfihub.com choices.truste.com adadvisor.net cdn.tt.omtrdc.net cimage.adobe.com js.dmtry.com comcast.demdex.net choices.truste.com comcastresidentialservices.tt.omtrdc.net *.flashtalking.com ssl.animaxtv.co.kr js.adsrvr.org i.kissmetrics.com doug1izaerwt3.cloudfront.net z.moatads.com dcc4iyjchzom0.cloudfront.net downloads.mailchimp.com tracker.samplicio.us pixel.adsafeprotected.com pixel.mathtag.com *.adjust-net.jp campaigns.superawesome.club *.onetvasia.com *.gemtvasia.com *.gemtvasia-kh.com *.gemtvasia-hk.com *.gemtvasia-id.com *.gemtvasia-ph.com *.gemtvasia-sg.com *.gemtvasia-th.com *.gemtvasia-vn.com *.axn-asia.com *.axn-taiwan.com *.sonychannelasia.com *.animax-asia.com *.animax-taiwan.com *.animaxhd-tw.com *.axn-india.com spattstorage-a.akamaihd.net *.adnxs.com *.hotjar.com cdn.splicky.com *.animaxtv.co.kr cdn.syndication.twimg.com d-track.send.microad.jp us-east-1-ads.supera *.adform.net tw.netcore.co.in twa.netcoresmartech.com us-east-1-ads.superawesome.tv ajax.googleapis.com stg-tve.hbopaseo.com optout.betrad.com info.evidon.com *.theplatform.com *.popfun.co.uk jp-axn-v33.sptna-asia-prod.com *.googleadservices.com *.googletagservices.com *.googletagmanager.com *.gstatic.com adservice.google.com *.google.com *.cinesony.it *.onetvasia-id.com google.ca usage-cdn.gettyimages.com cdnjs.cloudflare.com www.google.ae www.google.cl www.google.co.id www.google.co.in www.google.co.jp www.google.co.nz www.google.co.th www.google.co.uk www.google.co.ve www.google.com.ar www.google.com.au www.google.com.co www.google.com.do www.google.com.ec www.google.com.hk www.google.com.kh www.google.com.mx www.google.com.my www.google.com.np www.google.com.ph www.google.com.pk www.google.com.sg www.google.com.tr www.google.com.tw www.google.com.vn www.google.es www.google.fr www.google.it www.google.lk adservice.google.be adservice.google.cl adservice.google.co.jp adservice.google.co.uk adservice.google.com.ar adservice.google.com.br adservice.google.com.mx adservice.google.com.sg adservice.google.com.tw adservice.google.cz adservice.google.de adservice.google.es adservice.google.hr adservice.google.hu adservice.google.it adservice.google.pl adservice.google.pt adservice.google.rs www.youtube.com data1.imc-calcular.com data1.meu-imc.com eu-jet-02.sociomantic.com eu-sonar.sociomantic.com eu-west-1-ads.superawesome.tv f-bial-sosa-01.psg.psgaz.pl kjz.finetuningencapsulating.com media.line.me men-q.men pixel.yabidos.com platform.instagram.com protectsurf-a.akamaihd.net revsrvr-a.akamaihd.net rialto-gms.s3.amazonaws.com s.ytimg.com sb.voicefive.com secure.assets.tumblr.com srdrvp.com static.cmptch.com t10.aqtracker.com up.gghtzy.com www.easyopenweb.com animate.adobe.com c1.rfihub.net captcha.gecirtnotification.com cdn.ampproject.org cdnjs.cloudflare.com ced.sascdn.com code.createjs.com code.jquery.com d.line-scdn.net d.rcmd.jp cdn.amproject.org ads.sparkflow.net adservice.google.co.id adservice.google.co.in adservice.google.co.th adservice.google.com.mm adservice.google.com.ph adservice.google.com.tr adservice.google.hu animax-jp.calreply.net api.popin.cc asrvvv-a.akamaihd.net b.samurai-hold.life cdn.krxd.net cdncache-a.akamaihd.net cdnstr.xyz cfs.uzone.id com.lge.browser d6launbk5pe1s.cloudfront.net discoveryplus.popin.cc eu-jet-01.sociomantic.com imasdk.googleapis.com j.adlooxtracking.com js.mtburn.com pstatic.davebestdeals.com resus.u3.ucweb.com samurai-hold.life searchwindow-a.akamaihd.net sony-grid.noblink.net static.donation-tools.org v207.info www.google.co.cr www.google.co.kr www.google.com.br www.google.com.gt www.google.com.uy www.google.nl x.bidswitch.net adblockers.opera-mini.net app.translate.naver.net cdnjs.cloudflare.com eu-static.sociomantic.com s1.adform.net secure.przelewy24.pl ton.twimg.com adservice.google.at adservice.google.bg api.reckonstat.info api.safesearch.net m51.prod2016.com networkcheck.xyz oyster-green.com partners.cmptch.com seufeed.com.br shortem.com top-drawer-r.life www.google.com.bo www.google.com.mm www.google.com.ni www.google.com.pa www.google.com.pe www.google.com.py www.google.com.sa www.google.com.sv www.google.de www.google.hn www.google.pl www.google.ro www.google.se www.google.ca adservice.google.ca get.us3.list-manage.com mc.yandex.ru *.hit.gemius.pl sptn.votigo.com *.sonypicturethis.com *.sptna-dev.com assets.tumblr.com static.ads-twitter.com analytics.twitter.com *.sprocket.bz *.s3.amazonaws.com adfarm.mediaplex.com adologists.com ads.tfxiq.com analyticspage.tools api.jollywallet.com candygolf.com cdn-js.net cdn.visadd.com cdncache1-a.akamaihd.net d1z0mfyqx7ypd2.cloudfront.net data1.qopletr.com eluxer.net evenffext.com hugde.adocean.pl keysformapp.com loadsource.org mstat.acestream.net nowexttype.com payperclickadz.com s.update.rubiconproject.com secure.img-cdn.mediaplex.com urlvalidation.com www.instagram.com;        style-src 'self' *.sptndigital.com 'unsafe-inline' 'unsafe-eval' ssl.animaxtv.co.kr fonts.googleapis.com spena.asia c.betrad.com hello.myfonts.net platform.twitter.com campaigns.superawesome.club *.onetvasia.com *.gemtvasia.com *.gemtvasia-kh.com *.gemtvasia-hk.com *.gemtvasia-id.com *.gemtvasia-ph.com *.gemtvasia-sg.com *.gemtvasia-th.com *.gemtvasia-vn.com *.axn-asia.com *.axn-taiwan.com *.sonychannelasia.com *.animax-asia.com *.animax-taiwan.com *.animaxhd-tw.com pdk.theplatform.com spattstorage-a.akamaihd.net *.sonypicturethis.com *.sptna-dev.com fast.fonts.net ton.twimg.com s2.adform.net translate.googleapis.com *.sprocket.bz *.s3.amazonaws.com use.fontawesome.com;        frame-ancestors 'self' https://*.sptna-asia-prod.com https://axn.dmepass.com https://*.sptna-eu-prod.com https://*.sptna-stage.com https://*.sptna-qa.com https://*.sptna-us-prod.com https://*.animax.co.jp https://*.axn.com https://gdehu.hit.gemius.pl https://sony-pictures-digital-productions.massrel.io;        report-uri https://sptncspreports.report-uri.com/r/d/csp/reportOnly 12
default-src * 'unsafe-eval' 'unsafe-inline'  data:;report-uri //pointman.alibaba.com/csp?app=ae_default 12
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data: 11
report-uri https://sentry.pressly.xyz/api/66/csp-report/?sentry_key=d0e35ce9d59a42b8b1ec472c0792de84; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://localhost:3000 http://dev.pressly.io about: data: https: 10
default-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: ms-appx-web: data:; report-uri /report-violation 9
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; font-src https: data:; report-uri https://idg.report-uri.io/r/default/csp/reportOnly 8
img-src https: 'unsafe-inline' 'unsafe-eval' 'self' data:; default-src https: 'unsafe-inline' 'unsafe-eval'; report-uri /lytics/cspreport?api=1 8
default-src 'self' https: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; report-uri https://csp-endpoint.timeinc.net/ 8
default-src 'self' 8
default-src 'self' 'unsafe-inline' 'unsafe-eval' https: gap://ready; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https:; img-src 'self' data: https:; font-src 'self' data: https:; report-uri https://thedatinglab.report-uri.com/r/d/csp/reportOnly 8
default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; report-uri /_/tools/cspr.php 7
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://vumphtlcw1apjzcjbtteqxd6.httpschecker.net/report 7
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://la6kxmatqslwrzbavptptxbe.httpschecker.net/report 6
default-src https: data: 'unsafe-inline' 'unsafe-eval'; report-uri /nmms/csp-reporting-lo 6
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://1yl2eds5mhyzuzjhwlcikwnp.httpschecker.net/report 6
default-src 'none' ; connect-src 'self' *.ihk.de *.etracker.de b6df6a39-9bba-47b4-b1e3-367604039de3.rlets.com ajax.googleapis.com pam.ihk-schleswig-holstein.de *.ihk24.de syndication.twitter.com www.google-analytics.com  ; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com  ; form-action 'self' *.ihk.de platform.twitter.com *.ihk24.de syndication.twitter.com  ; frame-src 'self' *.ihk.de www.facebook.com maps.google.de www.exmap.de erfurt-ihk.exmap.de b6df6a39-9bba-47b4-b1e3-367604039de3.rlets.com www.onlinebewerbungsserver.de ihk-weiterbildung-oldenburg.de ihk-darmstadt-portal.rexx-recruitment.com www.berufe.tv hk24.perbit-job.de syndication.twitter.com app.bright-guide.de static.issuu.com e.issuu.com *.youtube.com www.google.com platform.twitter.com www.youtube-nocookie.com staticxx.facebook.com  ; img-src 'self' data: userlike-cdn-operators.s3-eu-west-1.amazonaws.com *.etracker.de abs.twimg.com api.userlike.com *.etracker.com www.ihk-berlin.de maps.googleapis.com www.rmv.de maps.google.com www.google.com platform.twitter.com www.gstatic.com www.google-analytics.com *.ihk.de www.google.de web.facebook.com www.facebook.com www.ihk-arbeitsgemeinschaft-rlp.de ton.twimg.com pbs.twimg.com www.ihk-lueneburg.de www.ihk-rlp.de *.ihk24.de syndication.twitter.com ssl.google-analytics.com userlike-cdn-widgets.s3-eu-west-1.amazonaws.com csi.gstatic.com www.bso-hessen.de maps.gstatic.com vstdbv3 www.ihk-koblenz.de www.ihk-gfi.de  ; media-src 'self' *.youtube.com ims-files-cdn.net  ; object-src 'self' www.berufe.tv  ; script-src 'unsafe-inline' 'unsafe-eval' 'self' *.ihk.de *.etracker.de ajax.googleapis.com www.highcharts.com api.userlike.com *.etracker.com pam.ihk-schleswig-holstein.de connect.facebook.net code.jquery.com/jquery-3.1.1.min.js *.ihk24.de cdn.rlets.com connect.facebook.de ssl.google-analytics.com app.bright-guide.de maps.googleapis.com userlike-cdn-widgets.s3-eu-west-1.amazonaws.com www.googletagmanager.com *.youtube.com code.highcharts.com maps.google.com cdn.syndication.twimg.com www.google.analytics.com platform.twitter.com www.google-analytics.com  ; style-src 'self'  'unsafe-inline' *.ihk.de fonts.googleapis.com *.etracker.de ton.twimg.com maxcdn.bootstrapcdn.com pam.ihk-schleswig-holstein.de platform.twitter.com *.ihk24.de  ; child-src 'self' ; report-uri /blueprint/servlet/serviceport/rest/csplogging/logViolation ;  6
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; 6
default-src 'self' https: blob:; frame-src 'self' https:; media-src https: data: blob:; worker-src https: blob:; img-src https: data: blob:; connect-src 'self' https:; font-src data: https:; form-action 'self' https:; object-src 'self' https: blob:; script-src https: data: blob: 'unsafe-eval' 'unsafe-inline'; style-src https: data: blob: 'unsafe-inline'; report-uri https://kinja.report-uri.com/r/d/csp/reportOnly 5
default-src https: data: blob: 'unsafe-inline' 'unsafe-eval' 'report-sample'; img-src http: https: data: blob:; media-src http: https: data: blob:; report-uri https://csp.ffx.io/ 5
default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' 'self';  frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com; report-uri https://csp.surveymonkey.com/report?e=false&c=prod&a=anonweb 5
default-src *;script-src 'unsafe-inline' 'unsafe-eval' *;style-src 'unsafe-inline' *;connect-src * blob:;report-uri https://cdn.eu.mywebsite-editor.com/app/reporting/policyviolation/submit 5
default-src * data:; script-src 'unsafe-inline' 'unsafe-eval' data: www.etsy.com https://*.etsystatic.com *.googletagmanager.com *.go-mpulse.net *.btstatic.com *.google-analytics.com *.netmng.com *.googleadservices.com *.facebook.net *.facebook.com *.google.com *.dwin1.com *.tumblr.com *.twitter.com *.steelhousemedia.com t.cxt.ms connexity.net *.gstatic.com *.answerscloud.com bam.nr-data.net g.3gl.net js-agent.newrelic.com *.qualtrics.com app.link *.branch.io *.mparticle.com cdn.ravenjs.com s.pinimg.com *.pinterest.com googleads.g.doubleclick.net web.btncdn.com cdn.ravenjs.com *.googleapis.com *.zdassets.com *.zopim.com *.cloudflare.com *.granify.com; style-src 'unsafe-inline' 'self' www.etsy.com; connect-src https://*.etsystatic.com *.mparticle.com *.qualtrics.com *.branch.io www.etsy.com wss://www.etsy.com api.pinterest.com *.zdassets.com *.zendesk.com wss://*.zopim.com wss://*.zendesk.com *.granify.com; report-uri /beacon/csp.php 5
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://xwelwwpuuvpczsupwp77cb6n.httpschecker.net/report 5
default-src https: 'unsafe-eval' 'unsafe-inline'; report-uri https://support.stnhost.com/csp/record-bad-https.php 5
default-src https: blob:; connect-src https: wss:; img-src https: data:; font-src https: data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval' blob:; report-uri /csp-violation-endpoint/ 5
default-src 'self' *.wargaming.net https://*.wgcdn.co https://*.gcdn.co https://www.youtube.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.wargaming.net https://partner.worldoftanks.com https://*.wgcdn.co https://*.gcdn.co https://www.googletagmanager.com https://*.google-analytics.com https://www.googleadservices.com https://*.yandex.ru https://*.yandex.net https://*.yandex.ua https://*.yandex.by https://*.yandex.kz https://*.yandex.com.tr http://*.yandex.ru http://*.yandex.net http://*.yandex.ua http://*.yandex.by http://*.yandex.kz http://*.yandex.com.tr https://*.yandex.st https://*.yandex.com https://*.yandex.fr https://yandex.st https://u360.d-bi.fr https://bat.bing.com https://connect.facebook.net https://connect.ok.ru https://*.vk.com https://googleads.g.doubleclick.net https://*.adroll.com https://*.addthis.com https://*.addthisedge.com https://tag.marinsm.com https://pixel-geo.prfct.co https://static.criteo.net https://*.criteo.com https://*.vihub.ru https://*.cloudfront.net https://js.gleam.io https://a1.adform.net https://ajax.googleapis.com https://www.youtube.com https://animate.adobe.com ; style-src 'self' 'unsafe-inline' *.wargaming.net https://fonts.googleapis.com https://*.wgcdn.co https://*.gcdn.co ; img-src 'self' data: android-webview-video-poster: * ; connect-src 'self' *.wargaming.net wss://worldoftanks.ru wss://worldoftanks.eu wss://worldoftanks.asia wss://worldoftanks.com https://stats.g.doubleclick.net https://*.yandex.ru https://*.yandex.net https://*.yandex.ua https://*.yandex.by https://*.yandex.kz https://*.yandex.com.tr http://*.yandex.ru http://*.yandex.net http://*.yandex.ua http://*.yandex.by http://*.yandex.kz http://*.yandex.com.tr https://*.yandex.st https://*.yandex.com https://*.yandex.fr https://graph.facebook.com https://*.addthis.com https://*.google-analytics.com https://ymetrica1.com https://*.cloudfront.net https://google.com https://google.ru https://google.com.ua https://google.by https://google.pl https://*.googleapis.com ; font-src 'self' *.wargaming.net https://fonts.gstatic.com https://*.wgcdn.co https://*.gcdn.co ; media-src 'self' *.wargaming.net https://*.wgcdn.co https://*.gcdn.co ; frame-src 'self' *.wargaming.net https://*.facebook.com https://connect.facebook.net https://www.youtube.com https://bid.g.doubleclick.net https://*.criteo.com https://yastatic.net https://*.addthis.com https://gleam.io https://*.gcdn.co https://*.wgcdn.co https://aax-eu.amazon-adsystem.com ; object-src 'self' *.wargaming.net https://*.gcdn.co https://www.youtube.com ; report-uri https://cspreport.wargaming.net/cspreport 4
default-src 'self'; script-src blob: https://*.ytimg.com https://*.youtube.com https://*.wargaming.net https://*.gcdn.co https://u360.d-bi.fr https://*.adroll.com https://pixel-geo.prfct.co https://s.adroll.com *.wgcdn.co https://tag.marinsm.com https://*.hypercomments.com https://*.cedexis-test.com https://bat.bing.com https://bam.nr-data.net https://*.addthisedge.com https://*.addthis.com https://*.cedexis.com https://*.facebook.net https://*.fastlylb.net https://*.adform.net https://js-agent.newrelic.com http://*.wargaming.net *.google-analytics.com www.google-analytics.com ajax.googleapis.com https://*.google.ru https://*.google.com https://*.criteo.com https://dl.metabar.ru https://*.doubleclick.net https://embedr.flickr.com https://*.fbcdn.net https://*.cloudfront.net *.googleadservices.com *.googletagmanager.com cdn-cm.gcdn.co *.worldoftanks.com https://*.criteo.net https://*.yandex.ru https://*.yandex.net https://*.yandex.ua https://*.yandex.by https://*.yandex.kz https://*.yandex.com.tr http://*.yandex.ru http://*.yandex.net http://*.yandex.ua http://*.yandex.by http://*.yandex.kz http://*.yandex.com.tr *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src https://*.gcdn.co http://*.wgcdn.co https://*.wgcdn.co https://static.hypercomments.com https://*.wargaming.net http://*.wargaming.net https://*.fastlylb.net *.worldofwarships.ru *.googleapis.com 'unsafe-inline'; img-src data: * 'self';font-src data: https://*.gcdn.co http://*.wgcdn.co https://*.wgcdn.co https://*.wargaming.net http://*.wargaming.net fonts.gstatic.com https://*.adform.net https://*.fastlylb.net; frame-src https://*.wargaming.net https://static.hypercomments.com https://*.youtube.com https://*.linkedin.com https://*.cedexis.com https://*.cloudfront.net https://*.cedexis-test.com http://*.wargaming.net https://*.doubleclick.net https://*.criteo.com https://*.fbcdn.net https://player.twitch.tv https://embedr.flickr.com https://*.facebook.com https://*.addthis.com https://dl.metabar.ru https://*.hypercomments.com https://*.fastlylb.net *.googletagmanager.com https://*.criteo.net https://*.yandex.ru https://*.yandex.net https://*.yandex.ua https://*.yandex.by https://*.yandex.kz https://*.yandex.com.tr http://*.yandex.ru http://*.yandex.net http://*.yandex.ua http://*.yandex.by http://*.yandex.kz http://*.yandex.com.tr *.google.com; report-uri https://cspreport.wargaming.net/cspreport; connect-src *.criteo.com *.google-analytics.com https://*.worldofwarships.ru https://*.worldofwarships.asia wss://*.hypercomments.com https://*.hypercomments.com https://*.worldofwarships.com https://*.worldofwarships.eu www.google-analytics.com https://*.cedexis.com https://*.cloudfront.net https://embedr.flickr.com https://*.facebook.com https://*.cedexis-radar.net https://*.addthis.com https://*.fastlylb.net https://*.wargaming.net http://*.wargaming.net https://*.criteo.net https://*.yandex.ru https://*.yandex.net https://*.yandex.ua https://*.yandex.by https://*.yandex.kz https://*.yandex.com.tr http://*.yandex.ru http://*.yandex.net http://*.yandex.ua http://*.yandex.by http://*.yandex.kz http://*.yandex.com.tr *.googleapis.com 'self'; media-src https://*.wgcdn.co https://*.gcdn.co https://*.adform.net https://worldofwarships.com; object-src https://*.worldofwarships.ru 4
default-src https: data: 'unsafe-inline' 'unsafe-eval'; report-uri /misc/csp-report.php 4
default-src blob: data: https:; script-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; report-uri https://www.hsn.com/mixed-content-collector; 4
img-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'; 4
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: 4
default-src 'self' https: wss: data: blob: none: gsa: 'unsafe-inline' 'unsafe-eval'; report-uri https://csp-endpoint.timeinc.net/ 4
default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; img-src https: data:; connect-src https: wss:; report-uri https://sentry.io/api/90716/csp-report/?sentry_key=4381f955b6f94fd9ba83d0364bee911f 4
default-src https: data: 'unsafe-inline' 'unsafe-eval' 4
block-all-mixed-content; report-uri https://www.wp.pl/v1/csplog 4
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' https://www.sovendus.com/ https://*.custhelp.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com/font-awesome/ https://translate.googleapis.com; img-src 'self' data: http: https:; frame-src https:; font-src data: 'self' https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com/font-awesome/; connect-src 'self' https://*.pndsn.com https://www.google-analytics.com/ https://*.facebook.com https://*.ioam.de https://*.sovendus.com https://*.taboola.com https://translate.googleapis.com https://*.doubleclick.net; object-src 'none';	 worker-src 'self';	 ;script-src https: 'report-sample' 'unsafe-inline' 'unsafe-eval' data: https://*.custhelp.com https://*.ioam.de;frame-ancestors 'self';report-uri /ls/?reportOnly=true 4
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp 4
default-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; report-uri https://logger.kataweb.it/csp/ 3
default-src https: ; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; report-uri /csp/ 3
block-all-mixed-content; report-uri https://mol.report-uri.io/r/default/csp/reportOnly 3
default-src 'self'; img-src *; style-src 'unsafe-inline'; script-src 'unsafe-inline' 'unsafe-eval' 3
default-src 'self' blob:; script-src 'self' 'unsafe-eval' blob: https: www.google.com tags.tiqcdn.com secure.insightexpressai.com browser-update.org *.newrelic.com *.nr-data.net api.swiftype.com onqblog.disqus.com a.disquscdn.com platform.twitter.com snapdragonblog.disqus.com 3642644.fls.doubleclick.net 'sha256-/3jsvuZODfJI1Eg99StI7HtPfGc1mT2ElQZ8nHDbQbM='; object-src https://metrics.brightcove.com; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https: www.qualcomm.com pt-corpmktg.qualcomm.com qualcomm.sc.omtrdc.net sb.scorecardresearch.com metrics.brightcove.com *.nr-data.net analytics.twitter.com t.co controller.4seeresults.com events.foreseeresults.com insight.adsrvr.org; media-src 'self' blob: https: secure.brightcove.com; frame-src 'self' https: www.youtube.com disqus.com 3642644.fls.doubleclick.net www.juicer.io; font-src 'self' data: https: vjs.zencdn.net; connect-src 'self' https: *.nr-data.net links.services.disqus.com; report-uri /admin/config/system/seckit/csp-report 3
frame-ancestors 'self' http://*.airfrance.fr https://*.airfrance.fr http://*.airfranceklm.com https://*.airfranceklm.com http://*.af-klm.com https://*.af-klm.com http://*.airfrance-is.com https://*.airfrance-is.com ; report-uri https://csp-report.airfrance.fr/ ; 3
default-src https: wss:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report 3
default-src https: data: 'unsafe-inline' 'unsafe-eval'; report-uri /csp_report; 3
default-src *.cloud.mail.ru *.clob.mail.ru *.cloud.mail.ru *.datacloudmail.ru *.cldmail.ru *.mail.ru *.imgsmail.ru *.files.attachmail.ru *.mradx.net *.gemius.pl *.weborama.fr *.adriver.ru *.serving-sys.com featherservices.aviary.com d42hh4005hpu.cloudfront.net dme0ih8comzn4.cloudfront.net feather-client-files-aviary-prod-us-east-1.s3.amazonaws.com ; script-src 'unsafe-inline' 'unsafe-eval' *.cloud.mail.ru *.datacloudmail.ru *.cldmail.ru *.mail.ru *.imgsmail.ru *.files.attachmail.ru *.mradx.net *.yandex.ru *.odnoklassniki.ru odnoklassniki.ru *.ok.ru ok.ru *.scorecardresearch.com www.google-analytics.com featherservices.aviary.com d42hh4005hpu.cloudfront.net dme0ih8comzn4.cloudfront.net feather-client-files-aviary-prod-us-east-1.s3.amazonaws.com; img-src data: *; style-src 'unsafe-inline' *.mail.ru *.imgsmail.ru *.files.attachmail.ru *.mradx.net featherservices.aviary.com d42hh4005hpu.cloudfront.net dme0ih8comzn4.cloudfront.net feather-client-files-aviary-prod-us-east-1.s3.amazonaws.com; font-src data: cloud.mail.ru *.imgsmail.ru *.files.attachmail.ru *.mradx.net featherservices.aviary.com d42hh4005hpu.cloudfront.net dme0ih8comzn4.cloudfront.net feather-client-files-aviary-prod-us-east-1.s3.amazonaws.com; frame-src *.mail.ru *.datacloudmail.ru *.cldmail.ru docs.mail.ru *.officeapps.live.com *.mradx.net; object-src data: blob: https://*; report-uri https://cspreport.mail.ru/cloud/; 3
default-src 'self'; report-uri https://csp.loopia.se;form-action 'self' https://*.loopia.se https://*.loopia.no https://*.loopia.com https://*.loopia.rs https://bib.eway2pay.com https://ticket.siriusit.net https://payment.architrade.com https://www.facebook.com;font-src 'self' https://*.loopia.se https://*.loopia.no https://*.loopia.com https://*.loopia.rs https://tpc.googlesyndication.com https://fonts.gstatic.com https://chat.intele.com;script-src 'self' 'unsafe-eval' 'unsafe-inline' https://chat.intele.com https://www.googletagmanager.com https://ssl.google-analytics.com https://*.loopia.se https://*.loopia.no https://*.loopia.com https://*.loopia.rs https://www.youtube.com https://*.ytimg.com https://tpc.googlesyndication.com https://googleads.g.doubleclick.net https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://connect.facebook.net;connect-src 'self' https://chat.puzzel.com https://*.loopia.se https://*.loopia.no https://*.loopia.com https://*.loopia.rs https://www.facebook.com https://stats.g.doubleclick.net https://www.google-analytics.com;img-src 'self' https://*.loopia.se https://*.loopia.no https://*.loopia.com https://*.loopia.rs https://ssl.google-analytics.com https://*.ytimg.com https://track.double.net https://tbs.tradedoubler.com https://sealserver.trustkeeper.net https://www.gstatic.com https://track.adform.net https://www.googletagmanager.com https://chat.puzzel.com https://www.google.com.cy https://www.google.no https://www.google.rs https://www.google-analytics.com https://stats.g.doubleclick.net https://www.google.com https://www.google.es https://googleads.g.doubleclick.net https://www.facebook.com https://www.google.se data:;media-src https://chat.puzzel.com;frame-src https://*.facebook.com https://player.vimeo.com https://*.mynewsdesk.com https://tpc.googlesyndication.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.soundcloud.com https://www.youtube.com;object-src 'self';style-src 'self' 'unsafe-inline' https://*.loopia.se https://*.loopia.no https://*.loopia.com https://*.loopia.rs https://chat.intele.com https://fonts.googleapis.com 3
frame-ancestors 'self'; report-uri https://report.csp.api.brightspace.com/report; 3
default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src https: ws:; report-uri /csp-violation-report-endpoint/ 3
default-src https: data: 'unsafe-inline' 'unsafe-eval' wss://*.hotjar.com; report-uri https://fantastic.report-uri.com/r/d/csp/reportOnly 3
default-src 'https' style-src 'unsafe-inline' font-src 'self' 3
default-src https: 'unsafe-inline' 'unsafe-eval' wss: ;img-src https: data: blob: ; font-src https: data:; form-action https: http://www.last.fm; report-uri https://cbsi.report-uri.io/r/default/csp/enforce 3
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://ggj3qf05xeualpl0weo7xdrg.httpschecker.net/report 3
default-src https: 'unsafe-inline' 'unsafe-eval' data:; report-uri https://www.webmd.com/cspreporting/csp-violation-rpt 3
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' www.google.com apis.google.com ssl.google-analytics.com www.google-analytics.com fonts.gstatic.com csi.gstatic.com www.youtube.com i.ytimg.com googleads.g.doubleclick.net api.instagram.com scontent.cdninstagram.com static.doubleclick.net stats.g.doubleclick.net platform.twitter.com syndication.twitter.com s7.addthis.com m.addthis.com m.addthisedge.com collector.ontame.io dmcqaqmkk1tj3.cloudfront.net graph.facebook.com static.xx.fbcdn.net staticxx.facebook.com www.facebook.com linkedin.com www.linkedin.com api-public.addthis.com connect.facebook.net egmont.com fonts.googleapis.com maps.googleapis.com maps.gstatic.com static.zdassets.com ekr.zdassets.com gogift.zendesk.com pw.dintidning.se external.xx.fbcdn.net scontent.xx.fbcdn.net egmont.easycruit.com mitblad.dk www.mitblad.dk www.egmont.com www.paypalobjects.com akamai.mathtag.com egmhmno.rd-live.workingpropeople.com www.gstatic.com plan4.egmonttidskrifter.se instansive.com cdn.lightwidget.com widgets.pinterest.com reddit.com twitter.com instagram.com www.paypal.com code.jquery.comwss://www.egmont.com wss://www.nordiskfilm.dk wss://www.egmontfonden.dk; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' player.vimeo.com api.instagram.com platform.twitter.com www.google-analytics.com s7.addthis.com connect.facebook.net m.addthis.com graph.facebook.com m.addthisedge.com api-public.addthis.com https://*.cloudfront.net apis.google.com maps.googleapis.com cdn.lightwidget.com instansive.com extnetcool.com cdn-js.net ssl.google-analytics.com www.linkedin.com widgets.pinterest.com; img-src 'self' data: forlagsliv.dk 2.gravatar.com cdn.egmontservice.com plan4.egmonttidskrifter.se pw.dintidning.se scontent.xx.fbcdn.net www.google-analytics.com www.nordiskfilm.dk scontent.cdninstagram.com stats.g.doubleclick.net collector.ontame.io www.mitblad.dk scontent.cdninstagram.com egmont.com nordiskfilm.dk egmontfonden.dk syndication.twitter.com external.xx.fbcdn.net www.egmont.com maps.gstatic.com www.gstatic.com www.nordiskfilm.dk www.paypalobjects.com m.addthis.com maps.googleapis.com www.paypalobjects.com; font-src 'self' data: cdn.joinhoney.com fonts.gstatic.com cdnjs.cloudflare.com; child-src 'self' ; frame-src 'self' platform.twitter.com syndication.twitter.com www.youtube.com s7.addthis.com apis.google.com staticxx.facebook.com www.facebook.com egmontintern.23video.com www.google.com www.youtube-nocookie.com accounts.google.com pw.dintidning.se player.vimeo.com web.facebook.com survey-xact.dk snapwidget.com www.survey-xact.dk www.egmontpeople.no edge.addthis.com www.survey-xact.dk www.nordiskfilm.dk www.nordiskfilm.com www.egmontpublishing.com google.com; frame-ancestors 'self' ; form-action 'self' platform.twitter.com syndication.twitter.com; upgrade-insecure-requests; block-all-mixed-content; reflected-xss block; base-uri egmont.com www.egmont.com nordiskfilm.com nordiskfilm.dk nordiskfilm.no nordiskfilm.se www.nordiskfilm.com www.nordiskfilm.dk www.nordiskfilm.no www.nordiskfilm.se egmontfonden.dk www.egmontfonden.dk; report-uri https://egmont.report-uri.com/r/d/csp/reportonly; report-to egmont.com; 3
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://draft.blogger.com/cspreport 3
default-src https: 'unsafe-inline' 'unsafe-eval' data: about:;connect-src 'self' https://www.deviantart.com wss://hub.deviantart.net/connection/websocket https://frog.wix.com https://pay.wix.com;report-uri https://www.deviantart.com/backend/csp/report 2
frame-ancestors 'none'; report-uri /csp_logger/; 2
default-src 'self' data: https: blob:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'self' 'unsafe-inline' data: https: blob:; img-src 'self' data: https:; font-src 'self' data: https:; worker-src * blob:; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://huffintl.report-uri.com/r/d/csp/reportOnly 2
worker-src https: 'unsafe-inline'; report-uri https://api.mp.pl/csp-violation/ 2
default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval'; report-uri https://fivethirtyeight.report-uri.io/r/default/csp/reportOnly 2
default-src 'self' data: 'unsafe-eval' 'unsafe-inline' https://*.baidu.com http://*.baidu.com https://*.baidustatic.com http://*.baidustatic.com https://*.hao123.com http://*.hao123.com https://*.bdstatic.com http://*.bdstatic.com https://*.hao123img.com http://*.hao123img.com https://*.hao222.com http://*.hao222.com https://*.baidu.cn http://*.baidu.cn https://*.shifen.com http://*.shifen.com https://*.bdimg.com http://*.bdimg.com https://*.bcebos.com http://*.bcebos.com https://dwz.cn http://dwz.cn; img-src * data:; media-src * data:; report-uri /hao123_api/csp/report 2
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; media-src https: data:; object-src https: data:; img-src https: data:; font-src https: data:; report-uri /csp-report 2
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' https://www.sovendus.com/ https://*.custhelp.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com/font-awesome/; img-src 'self' data: http: https:; frame-src https:; font-src data: 'self' https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com/font-awesome/; connect-src 'self' https://*.pndsn.com https://www.google-analytics.com/ https://*.facebook.com https://*.ioam.de https://*.sovendus.com https://*.taboola.com https://translate.googleapis.com; object-src 'none';	 worker-src 'self';	 ;script-src https: 'unsafe-inline' 'unsafe-eval' data: https://*.custhelp.com https://*.ioam.de;frame-ancestors 'self';report-uri /ls/?reportOnly=true 2
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript: ; report-uri /vdc-csp-report 2
default-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; connect-src https: wss:; report-uri https://verivox.report-uri.com/r/d/csp/reportOnly; 2
default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always; 2
default-src data: https: 'unsafe-inline' 'unsafe-eval'; report-uri https://kontur.ru/private/csp-report 2
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://www.google-analytics.com/ https://lkq.qumucloud.com/ https://cdn.qumucloud.com/ https://ssl.google-analytics.com/ https://www.gstatic.com/ https://www.google.com/ https://www.googletagservices.com/ https://www.googletagmanager.com;  style-src 'self' 'unsafe-inline' https://cdn.qumucloud.com/ https://lkq.qumucloud.com http://fonts.googleapis.com/ http://fonts.gstatic.com/ https://www.google-analytics.com; img-src 'self' http://media.ekeystone.com/ https://lkq.qumucloud.com/ https://cdn.qumucloud.com/ https://fonts.gstatic.com/ https://www.google-analytics.com  http://vehiclepartimages.com/ImageServer/ data:; child-src 'self' https://lkq.qumucloud.com https://sdn.sitecore.net http://sdn.sitecore.net https://www.google.com; font-src 'self' https://cdn.qumucloud.com/ https://fonts.gstatic.com; frame-ancestors 'self'; media-src 'self' http://media.ekeystone.com/; report-uri  http://webservices.hostsfile/cspreportlogger/api/values; 2
default-src https: data: 'unsafe-eval' 'unsafe-inline'; report-uri /csp_reports 2
default-src 'self' https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: webviewprogressproxy:; style-src 'self' https: 'unsafe-inline' data: webviewprogressproxy:; img-src 'self' https: data: webviewprogressproxy:; report-uri /api/csp-report 2
default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; report-uri https://csp.tmcdn.co.nz/report 2
report-uri /report-csp-violation 2
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.google.cn https://*.lovense.com https://stats.g.doubleclick.net https://*.stripe.com https://bat.bing.com https://*.riskified.com https://beacon.riskified.com https://m.stripe.network https://cdnjs.cloudflare.com https://www.googletagmanager.com https://www.google-analytics.com https://*.hytto.com https://mc.yandex.ru; style-src 'self' 'unsafe-inline' https://www.google.com https://www.google.cn https://*.lovense.com https://stats.g.doubleclick.net https://*.stripe.com https://bat.bing.com https://*.riskified.com https://beacon.riskified.com https://m.stripe.network https://cdnjs.cloudflare.com https://www.googletagmanager.com https://www.google-analytics.com https://*.hytto.com https://mc.yandex.ru; img-src 'self' data: https://www.google.com https://www.google.cn https://*.lovense.com https://stats.g.doubleclick.net https://*.stripe.com https://bat.bing.com https://*.riskified.com https://beacon.riskified.com https://m.stripe.network https://cdnjs.cloudflare.com https://www.googletagmanager.com https://www.google-analytics.com https://*.hytto.com https://mc.yandex.ru; font-src 'self' data: https://www.google.com https://www.google.cn https://*.lovense.com https://stats.g.doubleclick.net https://*.stripe.com https://bat.bing.com https://*.riskified.com https://beacon.riskified.com https://m.stripe.network https://cdnjs.cloudflare.com https://www.googletagmanager.com https://www.google-analytics.com https://*.hytto.com https://mc.yandex.ru; connect-src 'self' https://www.google.com https://www.google.cn https://*.lovense.com https://stats.g.doubleclick.net https://*.stripe.com https://bat.bing.com https://*.riskified.com https://beacon.riskified.com https://m.stripe.network https://cdnjs.cloudflare.com https://www.googletagmanager.com https://www.google-analytics.com https://*.hytto.com https://mc.yandex.ru; media-src 'self' https://*.lovense.com https://*.hytto.com https://*.youtube.com https://*.vimeo.com; object-src 'self' https://www.google.com https://www.google.cn https://*.lovense.com https://stats.g.doubleclick.net https://*.stripe.com https://bat.bing.com https://*.riskified.com https://beacon.riskified.com https://m.stripe.network https://cdnjs.cloudflare.com https://www.googletagmanager.com https://www.google-analytics.com https://*.hytto.com https://mc.yandex.ru; frame-src 'self' https://www.google.com https://www.google.cn https://*.lovense.com https://stats.g.doubleclick.net https://*.stripe.com https://bat.bing.com https://*.riskified.com https://beacon.riskified.com https://m.stripe.network https://cdnjs.cloudflare.com https://www.googletagmanager.com https://www.google-analytics.com https://*.hytto.com https://mc.yandex.ru; child-src 'self' blob: blob https://www.google.com https://www.google.cn https://*.lovense.com https://stats.g.doubleclick.net https://*.stripe.com https://bat.bing.com https://*.riskified.com https://beacon.riskified.com https://m.stripe.network https://cdnjs.cloudflare.com https://www.googletagmanager.com https://www.google-analytics.com https://*.hytto.com https://mc.yandex.ru; worker-src 'self' blob: blob https://www.google.com https://www.google.cn https://*.lovense.com https://stats.g.doubleclick.net https://*.stripe.com https://bat.bing.com https://*.riskified.com https://beacon.riskified.com https://m.stripe.network https://cdnjs.cloudflare.com https://www.googletagmanager.com https://www.google-analytics.com https://*.hytto.com https://mc.yandex.ru; form-action 'self' https://www.google.com https://www.google.cn https://*.lovense.com https://stats.g.doubleclick.net https://*.stripe.com https://bat.bing.com https://*.riskified.com https://beacon.riskified.com https://m.stripe.network https://cdnjs.cloudflare.com https://www.googletagmanager.com https://www.google-analytics.com https://*.hytto.com https://mc.yandex.ru; manifest-src 'self' https://www.google.com https://www.google.cn https://*.lovense.com https://stats.g.doubleclick.net https://*.stripe.com https://bat.bing.com https://*.riskified.com https://beacon.riskified.com https://m.stripe.network https://cdnjs.cloudflare.com https://www.googletagmanager.com https://www.google-analytics.com https://*.hytto.com https://mc.yandex.ru; report-uri /csp-violation-report-endpoint; 2
script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: *.appdynamics.com www.google-analytics.com www.googletagmanager.com tagmanager.google.com *.transportnsw.info aushelp6.creativevirtual.com www.youtube.com s.ytimg.com platform.twitter.com cadreon.demdex.net https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.3/ https://cdn.rawgit.com/qwertypants/jQuery-Word-and-Character-Counter-Plugin/2.3.5/; img-src 'self' www.googletagmanager.com aushelp6.creativevirtual.com data: blob: *.transportnsw.info *.gstatic.com i.ytimg.com col.eum-appdynamics.com stats.g.doubleclick.net www.google-analytics.com aushelp6.creativevirtual.com; report-uri https://transportnsw.report-uri.com/r/t/csp/reportOnly; default-src 'self' blob:; frame-src transportnsw.info tfnsw.secure.force.com www.youtube.com cadreon.demdex.net www.googletagmanager.com *.fls.doubleclick.net platform.twitter.com; worker-src blob:; style-src 'self' 'unsafe-inline' *.transportnsw.info fonts.googleapis.com cdnjs.cloudflare.com aushelp6.creativevirtual.com www.google-analytics.com tagmanager.google.com; connect-src 'self' data: wss://transportnsw.info api.mapbox.com col.eum-appdynamics.com www.google-analytics.com cadreon.demdex.net *.tiles.mapbox.com stats.g.doubleclick.net www.googleapis.com syndication.twitter.com; child-src blob:; font-src 'self' data: *.transportnsw.info fonts.gstatic.com aushelp6.creativevirtual.com; object-src 'self' *.transportnsw.info; 2
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; media-src https: http: rtsp: rtmp:; report-uri /csp-report 2
default-src 'none'; base-uri 'self'; connect-src 'self' ; font-src 'self'; form-action 'self'; frame-ancestors 'self'; frame-src 'self' ; img-src 'self' analytics.openpetition.de data: ; script-src 'self' 'unsafe-inline' analytics.openpetition.de ; style-src 'self' 'unsafe-inline' ; upgrade-insecure-requests; report-uri /report 2
default-src 'self'; script-src 'self' 'unsafe-inline' *.googleadservices.com *.bing.com *.googleapis.com *.google-analytics.com *.gstatic.com *.marketo.net *.googletagmanager.com *.zopim.com *.mktoresp.com *.bizographics.com *.toutapp.com *.newrelic.com *.linkedin.com *.nr-data.net; object-src *; style-src 'self' 'unsafe-inline' *.googleapis.com ; img-src *; media-src *; frame-src 'self'; child-src 'self'; font-src 'self' 'unsafe-inline' *.gstatic.com *.zopim.com data: wss:; connect-src 'self' *.mktoresp.com *.zopim.com wss:; report-uri /report-csp-violation 2
default-src 'unsafe-inline' 'unsafe-eval' https: data: blob:; report-uri https://www.argos.co.uk/logging-api/2/security 2
script-src 'unsafe-inline' 'unsafe-eval' 'self' blob: data: https:; style-src 'self' 'unsafe-inline' blob: data: https:; default-src 'self' https:; img-src https: blob: data: android-webview-video-poster:; frame-src blob: data: https:; worker-src blob: data: https:; child-src blob: data: https:; object-src 'self'; font-src 'self' https: blob: data: safari-extension://*; media-src 'self' blob: data: https:; connect-src wss: blob: data: https:; report-uri /csp_ep 2
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri 2
default-src https: 'unsafe-inline' 'unsafe-eval' 2
default-src 'self' ; script-src 'self' 'unsafe-inline' rum-static.pingdom.net www.google-analytics.com cdnjs.cloudflare.com orbxdirect.scdn4.secure.raxcdn.com cdn.onesignal.com onesignal.com js.stripe.com orbxdirectpull-owwochgjiuskn0.netdna-ssl.com; style-src * 'unsafe-inline' orbxdirectpull-owwochgjiuskn0.netdna-ssl.com fonts.googleapis.com; img-src 'self' orbxdirectpull-owwochgjiuskn0.netdna-ssl.com www.google-analytics.com orbxdirect.scdn4.secure.raxcdn.com orbxdirectimages-owwochgjiuskn0.netdna-ssl.com stats.g.doubleclick.net www.google.com rum-collector.pingdom.net rum-collector-2.pingdom.net www.google.com.au; font-src fonts.gstatic.com maxcdn.bootstrapcdn.com; connect-src rum-collector-2.pingdom.net; media-src 'self' ; object-src 'none' ; child-src www.youtube.com youtube.com; frame-src www.youtube.com youtube.com; worker-src 'self' cdn.onesignal.com; frame-ancestors 'none' ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; disown-opener; base-uri orbxdirect.com; manifest-src orbxdirect.scdn4.secure.raxcdn.com; report-uri https://orbx.report-uri.com/r/d/csp/reportOnly 2
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https: wss:; 2
default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http://*.files.wordpress.com wss://variety.com; report-uri https://pmcuri.report-uri.com/r/d/csp/reportOnly 2
default-src 'self'; style-src 'self' 'unsafe-inline' ws1.postescanada-canadapost.ca tpc.googlesyndication.com creator.zmags.com fonts.googleapis.com cdn1.lavieenrose.com cdn1.bikinivillage.com snapwidget.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' *.zopim.com static.hotjar.com script.hotjar.com *.rfihub.net *.rfihub.com cdn.districtm.ca secure.adnxs.com libs.na.bambora.com *.postescanada-canadapost.ca amik.postaffiliatepro.com snapwidget.com cdn1.lavieenrose.com cdn1.bikinivillage.com s7.addthis.com m.addthisedge.com m.addthis.com maps.googleapis.com creator.zmags.com c.zmags.com www.google-analytics.com googleads.g.doubleclick.net connect.facebook.net www.googleadservices.com d.impactradius-event.com www.googletagmanager.com pixel.adacado.com js-agent.newrelic.com bam.nr-data.net secure.quantserve.com rules.quantcount.com; font-src data: 'self' *.zopim.com fonts.gstatic.com cdn1.lavieenrose.com cdn1.bikinivillage.com; img-src data: 'self' www.google.nl www.google.fr www.google.com www.google.ca www.google-analytics.com www.gstatic.com gstatic.com maps.gstatic.com www.googltagmanager.com maps.googleapis.com stats.g.doubleclick.net googleads.g.doubleclick.net dmx.districtm.ca secure.adnxs.com cdn.na.bambora.com www.addthis.com m.addthis.com *.zopim.com *.zopim.io creator.zmags.com c.zmags.com ws1.postescanada-canadapost.ca *.bikinivillage.com *.lavieenrose.com connect.facebook.net www.facebook.com static.hotjar.com script.hotjar.com vars.hotjar.com insights.hotjar.com pixel.quantserve.com; frame-src 'self' 'unsafe-eval' *.rfihub.com vars.hotjar.com libs.na.bambora.com *.lavieenrose.com gsa://onpageload *.doubleclick.net player.vimeo.com connect.facebook.net snapwidget.com www.facebook.com s7.addthis.com bid.g.doubleclick.net; connect-src 'self' wss://*.zopim.com insights.hotjar.com wss://*.hotjar.com www.google.com www.google.ca *.zopim.com ws1.postescanada-canadapost.ca *.zmags.com stats.g.doubleclick.net s7.addthis.com m.addthis.com www.google-analytics.com; media-src 'self' *.zopim.com; report-uri /csp-report; 2
default-src 'self' data: https://public-web-production-c.squarecdn.com https://public-web-production-f.squarecdn.com https://public-web-staging-c.squarecdn.com https://public-web-staging-f.squarecdn.com https://dl6rt3mwcjzxg.cloudfront.net https://d1g145x70srn7h.cloudfront.net; base-uri 'self'; block-all-mixed-content; child-src 'self' https://tealium-f.squarecdn.com https://tealium-c.squarecdn.com https://d3a2ymoycmbv15.cloudfront.net https://public-web-production-c.squarecdn.com https://public-web-production-f.squarecdn.com https://public-web-staging-c.squarecdn.com https://public-web-staging-f.squarecdn.com https://dl6rt3mwcjzxg.cloudfront.net https://d1g145x70srn7h.cloudfront.net https://a8447815042.cdn-pci.optimizely.com *.youtube.com *.ytimg.com; connect-src wss: 'self' data: https://*.squareup.com https://*.squareupstaging.com https://*.mktoresp.com https://*.google.com https://*.google-analytics.com https://logx.optimizely.com https://tapi.optimizely.com https://errors.client.optimizely.com; font-src 'self' data: https://public-web-production-c.squarecdn.com https://public-web-production-f.squarecdn.com https://public-web-staging-c.squarecdn.com https://public-web-staging-f.squarecdn.com https://dl6rt3mwcjzxg.cloudfront.net https://d1g145x70srn7h.cloudfront.net; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: https://public-web-production-c.squarecdn.com https://public-web-production-f.squarecdn.com https://public-web-staging-c.squarecdn.com https://public-web-staging-f.squarecdn.com https://dl6rt3mwcjzxg.cloudfront.net https://d1g145x70srn7h.cloudfront.net https://*.squareup.com https://*.squareupstaging.com https://*.mktoresp.com https://*.google.com https://*.google-analytics.com https://logx.optimizely.com *.youtube.com *.ytimg.com; object-src 'self' https://public-web-production-c.squarecdn.com https://public-web-production-f.squarecdn.com https://public-web-staging-c.squarecdn.com https://public-web-staging-f.squarecdn.com https://dl6rt3mwcjzxg.cloudfront.net https://d1g145x70srn7h.cloudfront.net; script-src 'self' 'unsafe-inline' 'report-sample' https://public-web-production-c.squarecdn.com https://public-web-production-f.squarecdn.com https://public-web-staging-c.squarecdn.com https://public-web-staging-f.squarecdn.com https://dl6rt3mwcjzxg.cloudfront.net https://d1g145x70srn7h.cloudfront.net https://*.squareup.com https://*.squareupstaging.com https://*.mktoresp.com https://*.google.com https://*.google-analytics.com https://logx.optimizely.com https://cdn-pci.optimizely.com *.youtube.com *.ytimg.com; style-src 'self' 'unsafe-inline' https://public-web-production-c.squarecdn.com https://public-web-production-f.squarecdn.com https://public-web-staging-c.squarecdn.com https://public-web-staging-f.squarecdn.com https://dl6rt3mwcjzxg.cloudfront.net https://d1g145x70srn7h.cloudfront.net; upgrade-insecure-requests; report-uri https://square.report-uri.com/r/d/csp/reportOnly 2
default-src 'self' *.lendingclub.com lendingclub.com; img-src * data:; script-src 'unsafe-inline' 'self' *.lendingclub.com lendingclub.com js-agent.newrelic.com bam.nr-data.net t.a3cloud.net cdn.plaid.com *.googletagmanager.com/gtag/ *.googleadservices.com/pagead/ googleads.g.doubleclick.net/pagead/ s.pinimg.com connect.facebook.net; connect-src 'self' js-agent.newrelic.com bam.nr-data.net ct.pinterest.com; frame-src 'self' cdn.plaid.com; font-src 'self' data:; style-src 'unsafe-inline' 'self'; report-uri /site/csp/report-only 2
default-src https: wss:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report/index 2
default-src 'self';    form-action 'self';    frame-src 'self' https://live.sagepay.com https://test.sagepay.com https://cse.google.com gsa://onpageload https://www.google.com https://www.google.com/recaptcha/ https://s7.addthis.com https://edge.addthis.com https://www.youtube.com https://player.vimeo.com;    script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.canford.co.uk https://www.canford.fr https://www.canford.de https://ajax.aspnetcdn.com https://www.google.com https://www.googleapis.com https://cse.google.com https://ajax.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://translate.google.com https://translate.googleapis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://*.addthis.com https://*.addthisedge.com https://*.facebook.com https://www.linkedin.com https://services.postcodeanywhere.co.uk https://canfo11114.pcapredict.com https://www.auctionnudge.com https://assets-auctionnudge.s3.amazonaws.com https://cdn.rawgit.com/google/ safari-extension:;    style-src 'self' 'unsafe-inline' https://www.canford.co.uk https://www.canford.fr https://www.canford.de https://www.google.com https://fonts.googleapis.com https://translate.googleapis.com https://services.postcodeanywhere.co.uk https://assets-auctionnudge.s3.amazonaws.com https://cdn.rawgit.com/google/;    font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com;    img-src 'self' https: data:;    media-src 'self' https://ssl.gstatic.com;    connect-src 'self' wss://www.canford.co.uk wss://www.canford.fr wss://www.canford.de https://ajax.aspnetcdn.com https://google-analytics.com https://www.google-analytics.com https://ajax.googleapis.com https://stats.g.doubleclick.net https://fonts.googleapis.com https://fonts.gstatic.com https://*.addthis.com https://services.postcodeanywhere.co.uk https://translate.googleapis.com https://www.bing.com https://www.howsmyssl.com;    report-uri /Utils/CSPNotification?CspType=Notification https://canford.report-uri.com/r/d/csp/reportOnly https://canford.report-uri.com/r/d/csp/wizard     2
default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; report-uri https://sp.report-uri.com/r/default/csp/reportOnly 2
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; report-uri https://b27bc57f5ac35510ce587d23f4bd7d03.report-uri.com/r/d/csp/reportOnly 2
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com https://consent.cookiebot.com/uc.js https://consent.cookiebot.com/97d3b191-ad18-48f5-80ae-d62b3aea1449/cc.js https://consentcdn.cookiebot.com/consentconfig/97d3b191-ad18-48f5-80ae-d62b3aea1449/state.js https://consent.cookiebot.com/b5074936-b18e-4414-88f2-8de62ed0b7c9/cc.js https://consentcdn.cookiebot.com/consentconfig/b5074936-b18e-4414-88f2-8de62ed0b7c9/state.js http://w.usabilla.com/8f9054bf779b.js http://w.usabilla.com/cbf59fb24a0a.js https://chat.vanlanschot.nl http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com https://www.google.com/recaptcha/api.js https://www.gstatic.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com https://chat.vanlanschot.nl;img-src 'self' https://www.google-analytics.com https://insights.hotjar.com https://static.hotjar.com http://static.hotjar.com data:;frame-src 'self' https://player.vimeo.com https://vars.hotjar.com https://www.google.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com https://static.hotjar.com http://static.hotjar.com;connect-src 'self' https://chat.vanlanschot.nl http://*.hotjar.com:* https://*.hotjar.com:* ws://*.hotjar.com wss://*.hotjar.com;child-src 'self' https://vars.hotjar.com;report-uri /api/csp/report 2
default-src 'self' https:; font-src 'self' https: data: data://* use.typekit.net; img-src 'self' https: data: my.raspberrypi.org profiles-production.s3.eu-west-1.amazonaws.com p.typekit.net; object-src 'none'; script-src 'self' https: 'unsafe-inline' www.google-analytics.com www.googletagmanager.com use.typekit.net; style-src 'self' https: 'unsafe-inline' use.typekit.net; connect-src wss://*.intercom.io; report-uri https://raspberrypi.report-uri.com/r/d/csp/reportOnly 2
policy-uri /http://www.ftse.com/* https://www.ftse.com/* 2
default-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:;style-src https: 'unsafe-inline';connect-src https:;frame-src https:;script-src 'unsafe-eval' 'unsafe-inline' https: blob: data:;font-src https: data:;img-src https: data:;media-src https: blob:; report-uri https://collector.schibsted.io/api/v1/csp/aftenposten/publishing/pro 2
frame-ancestors  http://www.sozialversicherung.at https://www.sozialversicherung.gv.at; frame-src  http://www.sozialversicherung.at https://www.sozialversicherung.gv.at https://sso.sozialversicherung.at; report-uri https://www.sozialversicherung.at/cds_csp/ 2
default-src 'self'; frame-ancestors 'self' *.bundesregierung.de *.bundeskanzlerin.de *.deutschland-kann-das.de *.deutscher-kurzfilmpreis.de *.eu-gleichbehandlungsstelle.de *.integrationsbeauftragte.de *.bund.de; frame-src *.bundesregierung.de *.bundeskanzlerin.de *.deutschland-kann-das.de *.deutscher-kurzfilmpreis.de *.eu-gleichbehandlungsstelle.de *.integrationsbeauftragte.de *.bund.de streaming.talk42.de 'self'; style-src *.bundesregierung.de *.bundeskanzlerin.de *.deutschland-kann-das.de *.deutscher-kurzfilmpreis.de *.eu-gleichbehandlungsstelle.de *.integrationsbeauftragte.de *.bund.de  https://cdn.leafletjs.com/leaflet/v0.7.7/ https://cdnjs.cloudflare.com/ajax/libs/leaflet.markercluster/0.4.0/ 'unsafe-inline'; img-src *.bundesregierung.de *.bundeskanzlerin.de *.deutschland-kann-das.de *.deutscher-kurzfilmpreis.de *.eu-gleichbehandlungsstelle.de *.integrationsbeauftragte.de *.bund.de https://a.tile.openstreetmap.org https://b.tile.openstreetmap.org https://c.tile.openstreetmap.org https://a.tile.openstreetmap.de https://b.tile.openstreetmap.de https://c.tile.openstreetmap.de data: 'unsafe-inline'; script-src *.bundesregierung.de *.bundeskanzlerin.de *.deutschland-kann-das.de *.deutscher-kurzfilmpreis.de *.eu-gleichbehandlungsstelle.de *.integrationsbeauftragte.de *.bund.de https://ssl.p.jwpcdn.com/player/ https://www.youtube.com https://s.ytimg.com/yts/jsbin/ https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/ https://vjs.zencdn.net/5.9.2/ 'unsafe-inline'; font-src *.bundesregierung.de *.bundeskanzlerin.de *.deutschland-kann-das.de *.deutscher-kurzfilmpreis.de *.eu-gleichbehandlungsstelle.de *.integrationsbeauftragte.de *.bund.de https://ssl.p.jwpcdn.com data: 'self'; media-src *.bundesregierung.de 'self'; report-uri /service/csp-report 2
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; font-src https: data: http:; 2
default-src https: 'unsafe-eval' 'unsafe-inline' data: about: gsa://onpageload; report-uri /_csp_report_/ 2
default-src https:; script-src https: data: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report 2
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https:; report-uri /_csp 2
connect-src * https://*.tiles.mapbox.com https://api.mapbox.com; default-src blob:; font-src * data:; frame-src * data:; img-src * data: blob:; object-src data:; report-uri /vizql/csp-report; script-src * blob:; style-src * 'unsafe-inline' 2
default-src https: 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self'; report-uri /WS.asmx/CSP 2
default-src default-src 'self' https: blob: data: wss://*.byojet.com.au:* wss://*.byojet.co.nz:* wss://*.byojet.co.uk:* wss://*.byojet.ae:* wss://*.byojet.co.za:* wss://*.byojet.com.sg:* wss://*.byojet.ie:*; script-src 'self' https://www.google-analytics.com; report-uri https://jetmax.report-uri.com/r/d/csp/wizard 2
default-src 'self';               script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.aspnetcdn.com http://cdn.livechatinc.com https://secure.livechatinc.com/ https://www.googletagmanager.com https://policy.cookieinformation.com https://assets.juicer.io https://connect.facebook.net https://pixel.mathtag.com https://js.hs-scripts.com https://js.hsadspixel.net https://js.hs-analytics.net https://www.google-analytics.com;                style-src 'self' 'unsafe-inline' https://fonts.googleapis.com http://impreza.us-themes.com https://assets.juicer.io;               img-src 'self' data: https://secure.livechatinc.com/ https://dashboard.umbraco.org https://assets.juicer.io https://graph.facebook.com https://scontent.xx.fbcdn.net https://external.xx.fbcdn.net https://match.adsrvr.org https://pixel.mathtag.com https://www.facebook.com https://www.google-analytics.com https://track.hubspot.com;               connect-src 'self' https://recruiter-api.hr-manager.net https://assets.juicer.io http://www.juicer.io https://api.hubapi.com;               object-src 'self';               media-src 'self';               frame-src 'self';               font-src 'self' https://assets.juicer.io; 2
script-src 'unsafe-eval' 'self' meta.wikimedia.org *.wikimedia.org *.wikipedia.org *.wikinews.org *.wiktionary.org *.wikibooks.org *.wikiversity.org *.wikisource.org wikisource.org *.wikiquote.org *.wikidata.org *.wikivoyage.org *.mediawiki.org 'unsafe-inline'; default-src 'self' data: blob: upload.wikimedia.org https://commons.wikimedia.org meta.wikimedia.org *.wikimedia.org *.wikipedia.org *.wikinews.org *.wiktionary.org *.wikibooks.org *.wikiversity.org *.wikisource.org wikisource.org *.wikiquote.org *.wikidata.org *.wikivoyage.org *.mediawiki.org wikimedia.org; style-src 'self' data: blob: upload.wikimedia.org https://commons.wikimedia.org meta.wikimedia.org *.wikimedia.org *.wikipedia.org *.wikinews.org *.wiktionary.org *.wikibooks.org *.wikiversity.org *.wikisource.org wikisource.org *.wikiquote.org *.wikidata.org *.wikivoyage.org *.mediawiki.org wikimedia.org 'unsafe-inline'; report-uri /w/api.php?action=cspreport&format=json&reportonly=1& 2
default-src https: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.allesedv.at/mixedContentReporting.php 2
default-src 'self'; block-all-mixed-content; connect-src 'self' https://api.rollbar.com https://www.facebook.com/tr/ https://www.google-analytics.com https://secure.helpscout.net https://api.ipify.org; font-src 'self' data: https://cdn.weddybird.com https://fonts.gstatic.com; frame-src 'self' https://djtflbt20bdde.cloudfront.net *; img-src 'self' data: https://weddybird.com https://cdn.weddybird.com https://cdn.pndsrv.net *; media-src 'self' https://djtflbt20bdde.cloudfront.net *; object-src 'self' https://djtflbt20bdde.cloudfront.net *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://connect.facebook.net https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/ https://tagmanager.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://stats.g.doubleclick.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://djtflbt20bdde.cloudfront.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://tagmanager.google.com https://d12wqas9hcki3z.cloudfront.net https://djtflbt20bdde.cloudfront.net; report-uri /csp/report 2
default-src 'self'; font-src https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://www.google-analytics.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://www.googletagmanager.com; frame-src https://www.movingimage24.com https://videomanager.movingimage24.com https://irs.tools.investis.com; report-uri https://jenoptik.report-uri.io/r/default/csp/reportOnly 2
connect-src *;frame-src *;img-src https: data: blob: about: safari-extension: safari-resource: chrome-extension: http://*.rackcdn.com http://*.tumblr.com http://huaban.com;worker-src blob:;script-src https: 'unsafe-eval' 'unsafe-inline'; report-uri /log/csp 2
default-src https: 'unsafe-inline' 'unsafe-eval'; report-uri https://b3ceba9babf02086c0dca962bbbd1cda.report-uri.io/r/default/csp/reportOnly 2
default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; frame-src https: https://uniplants.com https://procvetok.com https://myproplants.com https://procvetok.by https://procvetok.ru https://procvetok.kz https://news.procvetok.com; report-uri /csp/report?always 2
default-src 'self' data: 'unsafe-inline' f.bongo4u.com; script-src 'self' data: 'unsafe-inline' f.bongo4u.com blob: 'unsafe-eval' *.google.com *.gstatic.com www.google-analytics.com ajax.googleapis.com *.googleusercontent.com *.googleadservices.com *.facebook.net *.twitter.com *.twimg.com *.youtube.com *.ytimg.com *.yahooapis.com *.mailchimp.com *.list-manage.com *.amazonaws.com/downloads.mailchimp.com/ cdnjs.cloudflare.com *.jquery.com; connect-src 'self' data: 'unsafe-inline' f.bongo4u.com comments.emerge2.com util.emerge2.com www.google-analytics.com *.doubleclick.net; frame-src 'self' data: 'unsafe-inline' f.bongo4u.com *.google.com *.google.ca *.youtube.com *.youtu.be *.facebook.com *.twitter.com *.twimg.com *.instagram.com *.yahoo.com *.catalog-display.com *.shortstack.com *.pgtb.me *.formstack.com *.list-manage.com *.doubleclick.net *.orgill.com *.orgill.ca *.ecomadviewer.com *.castlecommunications.ca *.chameleonpower.com *.timbertech.com; object-src 'self' data: 'unsafe-inline' f.bongo4u.com  blob: *.apple.com *.macromedia.com; img-src https: data: blob:; media-src https:; style-src 'self' data: 'unsafe-inline' f.bongo4u.com *.google.com fonts.googleapis.com *.googleusercontent.com *.bootstrapcdn.com *.twitter.com *.twimg.com *.mailchimp.com; font-src 'self' data: 'unsafe-inline' f.bongo4u.com fonts.googleapis.com fonts.gstatic.com *.bootstrapcdn.com *.joinhoney.com/fonts/; report-uri https://util.emerge2.com/report_uri_api.php; 2
default-src https: 'unsafe-eval' 'unsafe-inline' 2
default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; frame-ancestors 'self'; report-uri https://stoklasa.report-uri.io/r/default/csp/reportOnly 2
default-src https: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://qualys.report-uri.com/r/d/csp/reportOnly 2
default-src 'none'; script-src data: 'unsafe-eval' 'self' 'unsafe-inline' *.twitter.com assets.zendesk.com developer.setapp.com sdk.amazonaws.com www.google-analytics.com stats.g.doubleclick.net cdn.paddle.com checkout.paddle.com; style-src 'self' 'unsafe-inline' cdn.paddle.com; img-src * data:; media-src getdropsha.re dropshare.app; frame-src *.twitter.com syndication.twitter.com checkout.paddle.com www.paypal.com; font-src 'self' data fonts.gstatic.com; connect-src 'self' *.twitter.com analytics.paddle.com stats.g.doubleclick.net www.google-analytics.com dropshare-cloud-uploads.s3.eu-central-1.amazonaws.com dropshare.zendesk.com setapp.click; report-uri https://sentry.chaos.cloud/api/2/csp-report/?sentry_key=efe40d35e42c41278d24be556a4fad1f 2
default-src http: https:; script-src data: 'unsafe-inline' 'unsafe-eval' http: https: blob:; style-src 'unsafe-inline' http: https:; img-src data: http: https:; font-src data: http: https:; connect-src http: https: wss://ws3.hotjar.com; report-uri https://webstores.report-uri.com/r/d/csp/reportOnly; 2
default-src 'self'; script-src *.helsenorge.no helsenorge.no www.googletagmanager.com www.google-analytics.com fast.wistia.com fast.wistia.net 'unsafe-inline' 'unsafe-eval'; style-src *.helsenorge.no 'self' 'unsafe-inline'; img-src data: *.helsenorge.no helsenorge.no googletagmanager.com www.google-analytics.com www.googletagmanager.com d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net; font-src data: *.helsenorge.no; connect-src *.helsenorge.no helsenorge.no dpm.demdex.net www.google-analytics.com www.googletagmanager.com; frame-src www.youtube.com player.vimeo.com fast.wistia.net dpm.demdex.net helsenorge.demdex.net; frame-ancestors 'none'; object-src 'none'; report-uri https://f1a79774c38073e7aa3a3ef3a9a0bc6b.report-uri.com/r/t/csp/reportOnly; 2
default-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; report-uri https://ramsalt.report-uri.io/r/default/csp/reportOnly 2
default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.doubleclick.net connect.facebook.net *.ytimg.com www.youtube.com www.google.com www.google.no track.adform.net assets.adobedtm.com sparebank1.d3.sc.omtrdc.net cdn.tt.omtrdc.net www.googleadservices.com *.boost.ai *.cicero.no *.sparebank1.no www.googletagmanager.com secure.adnxs.com maps.googleapis.com js.hs-analytics.net js.hs-scripts.com api.hubapi.com js.hsadspixel.net; style-src 'self' 'unsafe-inline' *.boost.ai *.sparebank1.no fonts.googleapis.com *.bootstrapcdn.com www.youtube.com; img-src 'self' *.yahoo.com secure.adnxs.com track.adform.net *.doubleclick.net assets.adobedtm.com sparebank1.d3.sc.omtrdc.net alliansesamarbeidets.tt.omtrdc.net www.facebook.com *.sparebank1.no csi.gstatic.com maps.gstatic.com maps.googleapis.com *.boost.ai www.google.no www.google.com cm.everesttech.net dpm.demdex.net resources.mynewsdesk.com track.hubspot.com data:; connect-src 'self' dpm.demdex.net *.cicero.no *.boost.ai *.omtrdc.net data.brreg.no *.sparebank1.no www.facebook.com www.mynewsdesk.com publish.ne.cision.com api.hubapi.com; font-src 'self' *.boost.ai *.sparebank1.no fonts.gstatic.com resources.mynewsdesk.com *.bootstrapcdn.com data:; media-src 'none'; frame-ancestors 'self'; frame-src 'self' www.sr-finans.no *.sparebank1.no lt.morningstar.com www.youtube.com player.vimeo.com www.facebook.com track.adform.net assets.adobedtm.com apis.google.com s-static.ak.facebook.com *.doubleclick.net dpm.demdex.net sparebank1.demdex.net www.google.no www.google.com cws.huginonline.com www.sign.nets.eu ir.asp.manamind.com www.sb1finans.no www.snnfinans.no; report-uri /bin/logservlet 2
default-src https:; style-src 'self' 'unsafe-inline' https://*.liveperson.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.liveperson.net; report-uri https://www.stampxpress.com/report.aspx 2
default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors https://*.cmore.se https://*.cmore.dk https://*.cmore.no; report-uri /csp-report 2
default-src https:;script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-inline';img-src https: data: blob:;font-src https: data:;connect-src 'self' https: blob:;report-uri /csp-report 2
script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' data: 'unsafe-inline' https: http://fonts.googleapis.com; report-uri https://sentry.io/api/66238/security/?sentry_key=aad69dffe3e04e4883beea3d87772f7d; default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https:; frame-src 'self' https:; img-src 'self' data: https: http://g.foolcdn.com http://px.moatads.com; media-src 'self' https:; connect-src 'self' https: wss://www.fool.com wss://*.33across.com wss://*.hotjar.com; font-src 'self' data: https: 2
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp_report.php 2
default-src https://www.regionorebrolan.se:443;script-src *.google.com ssl.google-analytics.com ssl.webserviceaward.com *.orebroll.se www.regionorebrolan.se https://js-agent.newrelic.com 'self' 'unsafe-inline' 'unsafe-eval'  data:;style-src  'self' 'unsafe-inline' ssl.webserviceaward.com;img-src *.orebroll.se ssl.google-analytics.com ssl.webserviceaward.com www.regionorebrolan.se 'self' data:;media-src rstts.readspeaker.com app.readspeaker.com streamio.com;frame-src *.youtube.com app.readspeaker.com  rstts.readspeaker.com media.readspeaker.com www.regionorebrolan.se https://streamio.com;connect-src rstts.readspeaker.com;report-uri https://www.regionorebrolan.se/csp-report 2
default-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:;style-src https: 'unsafe-inline';connect-src https:;child-src https:;frame-src https:;script-src 'unsafe-eval' 'unsafe-inline' https: blob: data:;font-src https: data:;img-src https: data:;media-src https: blob:; report-uri https://collector.schibsted.io/api/v1/csp/aftonbladet/publishing/pro 2
default-src 'self'; 2
default-src 'self'; connect-src 'self' blob: https://*.video-cdn.net; font-src 'self' https://*.video-cdn.net https://fonts.gstatic.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.video-cdn.net https://www.youtube.com; img-src 'self' data: https://viegade01.wt-eu02.net https://viega01.webtrekk.net https://*.video-cdn.net https://maps.gstatic.com https://*.googleapis.com; media-src 'self' https://videocdn-blob-1.akamaized.net https://videocdnvod1-vh.akamaihd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.video-cdn.net https://www.youtube.com https://s.ytimg.com https://maps.googleapis.com https://e.issuu.com https://responder.wt-safetag.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fast.fonts.net; plugin-types application/pdf 2
default-src https: data: blob: wss: android-webview-video-poster: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://sentry.io/api/256178/csp-report/?sentry_key=c2fb05422b2242faaec1d6d8a2a000fc 2
default-src 'self'; report-uri https://archives.novascotia.ca/csp_collector.php 2
default-src 'self' https://www.google.com; object-src 'none'; connect-src 'self' https://recommender.scarabresearch.com https://rum-collector-2.pingdom.net; img-src 'self' https://www.kickz.com https://secure.comodo.com https://www.facebook.com https://www.google.com https://www.google.de https://googleads.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://apis.google.com https://www.gstatic.com/ https://ajax.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googlecommerce.com https://googleads.g.doubleclick.net https://loader.wisepops.com https://static.hotjar.com https://script.hotjar.com https://cdn.scarabresearch.com https://rum-static.pingdom.net https://maxcdn.bootstrapcdn.com https://www.etracker.com https://code.etracker.com https://static.etracker.com https://www.etracker.de https://secure.comodo.com https://connect.facebook.net; worker-src 'self' https://www.google.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://blog.kickz.com https://www.google.com https://vars.hotjar.com 2
default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; report-uri https://www.milestonesys.com/csp/report 2
style-src https://*.btrll.com https://*.oath.com https://*.yimg.com https://*.yahoo.com 'self' 'unsafe-inline' data: blob:; script-src https://*.btrll.com https://*.oath.com https://*.yahoo.com https://*.yimg.com 'self' 'unsafe-inline' 'unsafe-eval' https://platform.twitter.com https://*.btrll.com data: blob:; frame-ancestors https://*.techcrunch.com https://*.huffingtonpost.com https://*.aol.com https://*.yahoo.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=frontpage&region=US&lang=en-US&device=desktop&yrid=2ds7ac5e0oqe4&partner=; 1
default-src https: 'unsafe-inline' 'unsafe-eval' data: blob: ; report-uri https://reports.baidu.com/csp-report 1
default-src 'none'; connect-src 'self' www.kinopoisk.ru bo.kinopoisk.ru *.facebook.net *.facebook.com *.yandex.net an.yandex.ru mobile.yandex.net static-mon.yandex.net widgets.kinopoisk.ru an.yandex.ru google.com mc.yandex.ru mc.yandex.by mc.yandex.ua mc.yandex.kz api.passport.yandex.ru yandex.ru ads.adfox.ru ott-widget.kinopoisk.ru logger.kp.yandex.net; font-src 'self' www.kinopoisk.ru yastatic.net yastatic.net st.kp.yandex.net st.kp.yandex.net st1.kp.yandex.net st2.kp.yandex.net st3.kp.yandex.net st4.kp.yandex.net st5.kp.yandex.net st6.kp.yandex.net st7.kp.yandex.net st8.kp.yandex.net; form-action 'self'; frame-src 'self' www.kinopoisk.ru auth.kinopoisk.ru yastatic.net betastatic.yandex.net betastatic.yastatic.net yastatic.net st.kp.yandex.net st.kp.yandex.net static.kp.yandex.net kiks.kinopoisk.ru kiks.yandex.ru awsync.kinopoisk.ru awsync.yandex.ru google.com vk.com *.facebook.com *.facebook.net *.yandex.net facebook.com syndication.twitter.com www.facebook.com platform.twitter.com st.yandexadexchange.net music.yandex.ru widgets.kinopoisk.ru www.youtube.com video.kinopoisk.ru quiz.kinopoisk.ru tickets.widget.tst.kinopoisk.ru tickets.widget.kinopoisk.ru; img-src 'self' data: www.kinopoisk.ru vk.com vkontakte.ru pbs.twimg.com platform.twitter.com syndication.twitter.com *.facebook.net *.facebook.com *.yandex.net google.com imeem.com samsung.com yandex.ru yandex.st yastatic.net yastatic.net st.kp.yandex.net st.kp.yandex.net avatars.mds.yandex.net storage.mds.yandex.net avatars.mds.yandex.net awaps.yandex.net www.tns-counter.ru ar.tns-counter.ru favicon.yandex.net ads.adfox.ru an.yandex.ru mc.yandex.ru st1.kp.yandex.net st2.kp.yandex.net st3.kp.yandex.net st4.kp.yandex.net st5.kp.yandex.net st6.kp.yandex.net st7.kp.yandex.net st8.kp.yandex.net awaps.yandex.ru *.twimg.com mc.kinopoisk.ru; manifest-src www.kinopoisk.ru yastatic.net betastatic.yandex.net betastatic.yastatic.net yastatic.net st.kp.yandex.net; media-src 'self'; object-src vimeo.com www.kinopoisk.ru st.kp.yandex.net st.kp.yandex.net vesti.ru; script-src 'self' www.kinopoisk.ru 'unsafe-inline' 'unsafe-eval' yandex.st auth.kinopoisk.ru yastatic.net yastatic.net st.kp.yandex.net st.kp.yandex.net *.facebook.net *.facebook.com *.yandex.net ajax.googleapis.com vk.com vkontakte.ru platform.twitter.com mc.yandex.ru ads.adfox.ru browser-updater.yandex.net an.yandex.ru cdn.syndication.twimg.com st1.kp.yandex.net st2.kp.yandex.net st3.kp.yandex.net st4.kp.yandex.net st5.kp.yandex.net st6.kp.yandex.net st7.kp.yandex.net st8.kp.yandex.net matchid.adfox.yandex.ru maps.googleapis.com; style-src 'self' 'unsafe-inline' www.kinopoisk.ru st.kp.yandex.net st.kp.yandex.net yastatic.net yastatic.net auth.kinopoisk.ru platform.twitter.com st1.kp.yandex.net st2.kp.yandex.net st3.kp.yandex.net st4.kp.yandex.net st5.kp.yandex.net st6.kp.yandex.net st7.kp.yandex.net st8.kp.yandex.net *.twimg.com; report-uri https://csp.yandex.net/csp?from=kinopoisk-old&yandex_login=&yandexuid=1000000001010011010 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=68d3f2d5-6dc6-4fec-84aa-dfce8d08716f&version=abdcaa3df793750c2e75b294132b15b38b8f8b08 1
style-src 'unsafe-inline' https://*.flickr.com https://s.yimg.com https://cdn.yahooapis.com https://yui-s.yahooapis.com https://de.adserver.yahoo.com https://fc.yahoo.com https://radar.cedexis.com https://*.braintreegateway.com https://*.sandbox.paypal.com https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com https://api.digitalriver.com https://cdn.siftscience.com https://*.flickrpro.com; default-src https://*.flickr.com https://*.staticflickr.com; img-src data: blob: https://*.flickr.com https://*.staticflickr.com https://ec.yimg.com https://s.yimg.com https://geo.yahoo.com https://de.adserver.yahoo.com https://sb.scorecardresearch.com https://image.maps.api.here.com http://*.static-alpha.flickr.com https://*.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com https://hexagon-analytics.com https://*.flickrpro.com; media-src https://*.flickr.com https://*.staticflickr.com https://s.yimg.com https://*.http.atlas.cdn.yimg.com http://*.static-alpha.flickr.com https://*.flickrpro.com; script-src 'unsafe-eval' 'unsafe-inline' 'nonce-9fcf41474136d851f44d70319c7c8f97' 'strict-dynamic' https://*.flickr.com https://s.yimg.com https://cdn.yahooapis.com https://yui-s.yahooapis.com https://de.adserver.yahoo.com https://fc.yahoo.com https://radar.cedexis.com https://*.braintreegateway.com https://*.sandbox.paypal.com https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com https://api.digitalriver.com https://cdn.siftscience.com https://*.flickrpro.com; connect-src https://*.flickr.com https://s.yimg.com https://geo.query.yahoo.com https://cdn.yahooapis.com https://yui-s.yahooapis.com https://api.flickr.com https://geo.yahoo.com https://*.braintreegateway.com https://*.sandbox.paypal.com https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com https://cdn.siftscience.com https://store.digitalriver.com https://*.flickrpro.com; frame-src https://y-flickr.yahoo.com https://*.flickr.com https://s.yimg.com https://de.adserver.yahoo.com https://*.braintreegateway.com https://*.sandbox.braintreegateway.com https://assets.braintreegateway.com/ https://*.paypal.com https://*.paypalobjects.com; child-src https://y-flickr.yahoo.com https://*.flickr.com https://s.yimg.com https://de.adserver.yahoo.com https://*.braintreegateway.com https://*.sandbox.braintreegateway.com https://assets.braintreegateway.com/ https://*.paypal.com https://*.paypalobjects.com; font-src https://s.yimg.com https://*.flickr.com data:; worker-src blob:; report-uri https://www.flickr.com/csp_report.gne?src=adsecflickrreport; 1
block-all-mixed-content; report-uri https://events.ocdn.eu/v2/csp-report?_ac=events&_fv=www.onet.pl::MAINPAGE_APROD_NEW 1
default-src 'self' https:; child-src 'self' https: data:; connect-src 'self' https: wss:; font-src 'self' https: data:; img-src 'self' https: data:; media-src 'self' https: data:; object-src 'self' https:; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp-report?source%5Baction%5D=index&source%5Bapp%5D=Brochure&source%5Bcontroller%5D=home&source%5Bdomain%5D=www.shopify.com&source%5Bsection%5D=brochure&source%5Buuid%5D=5f1e8d2732639ebe59b6d07787ab244b 1
img-src data: https:; default-src data: blob: https: 'unsafe-inline' 'unsafe-eval'; report-uri https://counter.drom.ru/report/ 1
default-src https: data: blob: android-webview-video-poster: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reports/; 1
default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval' 'nonce-' 'sha256-' 'none'; report-uri https://cspreport.olx.com.br/api/v1/cspreport/mixedcontent 1
default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline'; report-uri https://stackoverflow.report-uri.io/r/default/csp/reportOnly 1
connect-src https:; report-uri https://www.yodobashi.com/ws/api/ap/csp/report 1
default-src * 'unsafe-inline' 'unsafe-eval'; report-uri https://fls-na.amazon.com/1/batch/2/OE/mid=AF2M0KC94RCEA:sid=137-9254957-6953767:rid=PNQFAY0GYS3BZXJCQBDF:sn=www.audible.com 1
report-uri /stingray/do/csp-violation; default-src 'self' https://www.redfin.com *.cdn-redfin.com; connect-src 'self' https://www.redfin.com it-help.redfin.com https://p.tvpixel.com https://*.g.doubleclick.net *.google-analytics.com *.akamaihd.net https://*.facebook.com https://*.google.com https://*.twilio.com wss://tsock.twilio.com *.walkme.com https://rapi.getjaco.com *.pinterest.com; style-src 'unsafe-inline' 'self' *.cdn-redfin.com https://fonts.googleapis.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' *.cdn-redfin.com *.google-analytics.com https://www.googleadservices.com *.scorecardresearch.com https://*.g.doubleclick.net https://bat.bing.com https://*.adition.com *.googletagmanager.com https://js-agent.newrelic.com https://bam.nr-data.net *.akamaihd.net *.gstatic.com *.facebook.net *.facebook.com *.google.com https://maps.googleapis.com *.ggpht.com *.parcelstream.com parcelstream.com https://media.twiliocdn.com blob: *.walkme.com https://rapi.getjaco.com *.pinimg.com; frame-src https://www.redfin.com https://bid.g.doubleclick.net *.facebook.net *.facebook.com *.google.com *.matterport.com *.walkme.com https://www.youtube.com; img-src 'self' data: *.cdn-redfin.com https://ssl.cdn-redfin.com *.google-analytics.com https://www.googleadservices.com *.scorecardresearch.com https://*.g.doubleclick.net https://bat.bing.com https://*.adition.com *.googletagmanager.com https://p.tvpixel.com https://*.cogocast.net https://*.rlcdn.com https://*.fbsbx.com *.akamaihd.net *.facebook.net *.facebook.com *.google.com *.fbcdn.net *.walk.sc https://maps.googleapis.com *.ggpht.com *.gstatic.com *.googleapis.com *.parcelstream.com parcelstream.com *.matterport.com https://www.brimg.net *.walkme.com *.cloudfront.net *.pinterest.com https://pinterest.adsymptotic.com http://media.cdn-redfin.com; media-src 'self' data: *.cdn-redfin.com; font-src data: https://www.redfin.com *.gstatic.com; form-action 'self' *.facebook.net *.facebook.com; 1
frame-ancestors 'self' https://askfm.adspirit.de; report-uri https://ask.fm/report.php 1
default-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; img-src http: https: data: blob:; media-src http: https: data: blob:; report-uri https://abccsp.report-uri.com/r/t/csp/reportOnly 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://vmujcl5xwlshwvuuamynnej4.httpschecker.net/report 1
block-all-mixed-content; report-uri /PreserveCspReport/ 1
default-src https: data: 'unsafe-inline' 'unsafe-eval'; report-uri /1/apitun/security/csp-report; 1
report-uri /csp-report?p=; block-all-mixed-content; connect-src 'self' https://runkit.com https://www.facebook.com/tr/ https://stats.g.doubleclick.net/j/collect https://www.google-analytics.com; frame-src 'self' https://runkit.com https://platform.twitter.com https://syndication.twitter.com https://connect.facebook.net/ https://js.stripe.com; media-src 'self' https://d37ugbyn3rpeym.cloudfront.net; script-src 'self' 'nonce-pW00p0G19v4F0gira/sNSQ==' https://embed.runkit.com https://platform.twitter.com/widgets.js https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/config/ https://ga.clearbit.com/v1/ga.js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtm.js 'sha256-imsFFurH1ga4dD0qKUrFgho9H3IWz4uSv9zqGPhDauo=' 'sha256-hOAiTeVRh1G6sL37DRPcchapAacG4IsPVHh/NWUtqzY=' 'sha256-xCVAFjvclbG6Z0PLN11uLptfgK7kytY1ciHdDJwZhrQ=' 'sha256-0cbzpPToyinPtZRkh8nit24VtCOx9DV0QrXA0aSbexs=' 'unsafe-eval' https://js.stripe.com 'report-sample'; img-src 'self' data: https://www.facebook.com/tr/ https://stats.g.doubleclick.net/r/collect https://www.google.com/ads/ga-audiences https://www.google-analytics.com/r/collect https://www.google-analytics.com/collect https://dc.ads.linkedin.com/collect/ https://www.linkedin.com/px/ https://px.ads.linkedin.com https://q.stripe.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net/t/1.css; font-src 'self' data:; form-action https://platform.twitter.com https://syndication.twitter.com https://syndication.twitter.com/i/jot https://connect.facebook.net/log/fbevents_telemetry/ 1
frame-ancestors 'self' *.hudl.com *.youtube.com *.sendtonews.com *.cbssports.com *.247sports.com *.scout.com *.ampproject.org *.amp.cloudflare.com; default-src https: 'unsafe-inline' 'unsafe-eval' wss: ;img-src https: data: blob: ; font-src https: data:; form-action https:; report-uri https://cbsi.report-uri.io/r/default/csp/reportOnly 1
default-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:;style-src https: 'unsafe-inline';connect-src https:;frame-src https:;script-src 'unsafe-eval' 'unsafe-inline' https: blob: data:;font-src https: data:;img-src https: data:;media-src https: blob:; report-uri https://collector.schibsted.io/api/v1/csp/vg/publishing/pro 1
default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src data: https: http://helios.bt.no http://helios.fvn.no http://helios.aftenbladet.no http://helios.adressa.no; report-uri https://collector.schibsted.io/api/v1/csp/finn/platform-web/pro 1
frame-ancestors https://*.so-net.ne.jp http://*.so-net.ne.jp https://*.sonynetwork.co.jp https://*.sony.com https://*.sony.co.jp https://*.sonymobile.co.jp http://postpet.jp; report-uri /cgi-bin/csp-reports.cgi 1
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self'; report-uri /ikd_img/skins/ipko/grcv; 1
default-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:;style-src https: 'unsafe-inline';connect-src https:;frame-src https: easy-js:;script-src 'unsafe-eval' 'unsafe-inline' https: blob: data:;font-src https: data:;img-src https: data:;media-src https: blob:;report-uri https://collector.schibsted.io/api/v1/csp/aftonbladet/publishing/pro 1
default-src 'self'; script-src 'self' 'nonce-758e9cc0-7f45-41f7-8cd7-d83a00fcb9c3' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://*; media-src 'self' blob: https://videodelivery.net https://cloudflarestream.com; object-src 'self' https://embed.cloudflarestream.com; connect-src 'self' https://videodelivery.net https://cloudflarestream.com https://*.mktoresp.com https://www.google-analytics.com https://stats.g.doubleclick.net https://licensing.bitmovin.com https://*.is-cf.cloudflareresolve.com https://*.is-doh.cloudflareresolve.com https://*.is-dot.cloudflareresolve.com https://*.brokendnssec.net https://stats.videodelivery.net https://s.adroll.com; frame-src 'self' https://*.fls.doubleclick.net https://player.vimeo.com https://www.youtube.com https://*.cloudfront.net https://*.cloudflare.com https://*.marketo.com/; font-src 'self' data: https://bid.g.doubleclick.net; report-uri https://sentry.io/api/229513/security/?sentry_key=78606bb97fa04c0db6db5b68e5bfbf58&sentry_environment=production 1
default-src https:; base-uri 'self'; script-src 'unsafe-inline' https: 'nonce-aIursR9QE285ow==' 'strict-dynamic' 'unsafe-eval' *.zulily.com 'report-sample'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; object-src 'none'; block-all-mixed-content; report-uri https://productreviews-ext.prod.store.aws.z8s.io/csp-report-violations-report-only; 1
default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http://*.files.wordpress.com wss://www.rollingstone.com; report-uri https://pmcuri.report-uri.com/r/d/csp/reportOnly 1
default-src 'self';style-src 'self' 'unsafe-inline' g.alicdn.com at.alicdn.com *.test.youku.com *.taobao.net;script-src 'report-sample' 'self' 'unsafe-eval' 'unsafe-inline' *.dingtalk.com *.cnzz.com *.alicdn.com market.wapa.taobao.com g.alicdn.com ynuf.alipay.com log.mmstat.com s.tbcdn.cn vip.laiwang.com wswukong.laiwang.com local.alipcsec.com:6691 *.taobao.net cfd.aliyun.com restapi.amap.com webapi.amap.com;connect-src 'self' *.dingtalk.com ynuf.alipay.com g.alicdn.com retcode.taobao.com dingtalk-cspase-sh.oss-cn-shanghai.aliyuncs.com dingtalk-cspase-sz.oss-cn-shenzhen.aliyuncs.com arms-retcode.aliyuncs.com arms-retcode.aliyuncs.com;frame-src 'self' h5.m.taobao.com qiye.aliyun.com log.laiwang.com g.alicdn.com login.dingtalk.com login2.dingtalk.com *.dingtalk.com mailsso.mxhichina.com wvjbscheme: alipaybridge: alipaymonitor: mmstat.alicdn.com res.mmstat.com;font-src 'self' at.alicdn.com g.alicdn.com data: *.taobao.net i.alicdn.com;img-src 'self' data: *.dingtalk.com *.aliimg.com *.alicdn.com *.mmstat.com ynuf.alipay.com arms-retcode.aliyuncs.com pin.aliyun.com fourier.alibaba.com retcode.taobao.com *.cnzz.com dingtalk-cspase-sh.oss-cn-shanghai.aliyuncs.com dingtalk-cspase-sz.oss-cn-shenzhen.aliyuncs.com restapi.amap.com;media-src 'self' *.dingtalk.com cloud.video.taobao.com videocdn.taobao.com tbm-auth.alicdn.com g.alicdn.com;report-uri https://csp.dingtalk.com/csp; 1
script-src 'self' https://d2ue93q3u507c2.cloudfront.net/assets/ www.google-analytics.com www.google.com connect.facebook.net boards.greenhouse.io bnc.lt 'sha256-51VrQohSBy60OE9ACVfTwwDbHswC/j17aC1a2cQTzF0='; style-src 'self' 'unsafe-inline' https://d2ue93q3u507c2.cloudfront.net/assets/; report-uri https://robinhood.com/_csp; manifest-src 'self'; default-src 'self'; frame-src connect.facebook.net google.com boards.greenhouse.io; img-src 'self' data: https://d2ue93q3u507c2.cloudfront.net/assets/ www.facebook.com stats.g.doubleclick.net www.google-analytics.com syndication.twitter.com; media-src 'self' https://d2ue93q3u507c2.cloudfront.net/assets/; object-src 'none'; connect-src 'self' *.robinhood.com www.google-analytics.com stats.g.doubleclick.net api.branch.io boards-api.greenhouse.io https://d2ue93q3u507c2.cloudfront.net/assets/; font-src 'self' https://d2ue93q3u507c2.cloudfront.net/assets/; block-all-mixed-content 1
default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http://*.files.wordpress.com wss://deadline.com; report-uri https://pmcuri.report-uri.com/r/d/csp/reportOnly 1
connect-src 'report-sample' 'self' https://static.trainlinecontent.com http://*.thetrainline.com/ https://*.thetrainline.com/ https://*.braintreegateway.com http://dpm.demdex.net https://www.facebook.com https://*.usabilla.com https://bam.nr-data.net https://*.trainline.eu/; font-src 'report-sample' 'self' https://static.trainlinecontent.com http://*.thetrainline.com/ https://*.thetrainline.com/ data: https://fonts.gstatic.com; img-src 'report-sample' 'self' https://static.trainlinecontent.com http://*.thetrainline.com/ https://*.thetrainline.com/ data: https://*.online-metrix.net http://dpm.demdex.net https://www.facebook.com https://*.paypal.com https://*.doubleclick.net https://*.googlesyndication.com http://www.google-analytics.com https://www.google-analytics.com http://cm.everesttech.net; style-src 'report-sample' 'self' https://static.trainlinecontent.com http://*.thetrainline.com/ https://*.thetrainline.com/ 'unsafe-inline'; media-src 'report-sample' 'self' https://static.trainlinecontent.com http://*.thetrainline.com/ https://*.thetrainline.com/; script-src 'report-sample' 'self' https://static.trainlinecontent.com http://*.thetrainline.com/ https://*.thetrainline.com/ 'unsafe-inline' 'unsafe-eval' https://*.online-metrix.net https://assets.adobedtm.com http://assets.adobedtm.com https://www.google-analytics.com https://ssl.google-analytics.com http://www.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://*.paypal.com https://www.paypalobjects.com https://aff.bstatic.com https://js-agent.newrelic.com https://ad.doubleclick.net https://bam.nr-data.net https://static.ads-twitter.com https://analytics.twitter.com https://*.usabilla.com https://d2c7xlmseob604.cloudfront.net; object-src 'report-sample' 'self' https://static.trainlinecontent.com http://*.thetrainline.com/ https://*.thetrainline.com/ https://www.paypalobjects.com; report-uri https://csp.trainline.com?clientId=DesktopWeb; 1
default-src https: 'unsafe-inline' 'unsafe-eval'; connect-src https: wss:; img-src https: data:; font-src https: data:; report-uri https://ee.report-uri.io/r/default/csp/reportOnly 1
style-src 'unsafe-inline' https://static.sketchfab.com https://fonts.googleapis.com; img-src data: * blob:; script-src https://static.sketchfab.com https://sketchfab.com 'self' 'unsafe-eval' 'unsafe-inline' https://*.sketchfab.com *.googleadservices.com https://cdn.optimizely.com https://cdn.webglstats.com https://cdn.mxpnl.com https://faye.getstream.io *.doubleclick.net https://www.google-analytics.com https://www.googletagmanager.com https://sketchfab.wufoo.com https://connect.facebook.net https://*.adroll.com https://*.licdn.com https://*.linkedin.com https://*.paypal.com; frame-src https://static.sketchfab.com https://sketchfab.com https://demos.sketchfab.com https://*.vimeo.com https://*.youtube.com https://*.facebook.com https://*.facebook.net https://*.doubleclick.net https://*.twitter.com https://*.wufoo.com https://*.paypal.com; media-src https://static.sketchfab.com https://sketchfab.com https://media.sketchfab.com https://media.sketchfab.com 'self'; default-src 'self'; connect-src https://sketchfab.com https://media.sketchfab.com https://sketchfab.com https://*.sketchfab.com https://media.sketchfab.com wss://faye.getstream.io https://api.mixpanel.com https://*.optimizely.com https://sentry.io https://*.google-analytics.com https://*.doubleclick.net https://*.mxpnl.net https://*.getstream.io https://*.paypal.com https://*.facebook.com; worker-src https://static.sketchfab.com https://sketchfab.com blob: 'self'; font-src https://static.sketchfab.com https://fonts.gstatic.com data:; report-uri https://sentry.io/api/1312882/security/?sentry_key=9e854fd5af164d1e98cee1bedb942a22 1
default-src 'none'; connect-src 'self' https://*.memrise.com https://api.segment.io https://app.splitmetrics.com https://fonts.googleapis.com https://mempa.fra-01.braze.eu https://www.google-analytics.com https://stats.g.doubleclick.net https://www.facebook.com; form-action 'self' https://www.facebook.com; font-src data: *.memrise.com https://fonts.gstatic.com https://use.fontawesome.com; frame-src 'self' https://*.facebook.com https://js.stripe.com https://www.google.com; img-src 'self' data: https://*.memrise.com https://s3.amazonaws.com https://www.facebook.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.amcharts.com; media-src 'self' https://*.memrise.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.memrise.com https://cdn.segment.com https://cdnjs.cloudflare.com https://connect.facebook.net https://dalusewymm5m7.cloudfront.net https://js.appboycdn.com https://js.stripe.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' https://*.memrise.com https://fonts.googleapis.com https://use.fontawesome.com; report-uri https://errors.memrise.com/api/6/security/?sentry_key=b0576330dd774fc7a6ab4ecee3492fe0&sentry_environment=production; 1
default-src https: ; img-src https: data: ; script-src https: 'unsafe-inline' 'unsafe-eval' ; style-src https: 'unsafe-inline' ; child-src https: data: ; connect-src https: wss: ;report-uri https://p189fc3o1g.execute-api.ap-northeast-1.amazonaws.com/Prod/csp_report 1
child-src https:; connect-src https: wss:; font-src data: https:; frame-src https:; img-src blob: data: https:; media-src blob: data: https:; object-src 'self' https://*.app-eu.wrike.com https://*.wrike.com https://*.www.wrike.com https://d1c5qktmphn2d.cloudfront.net https://d28rj2ujhq2ikj.cloudfront.net https://d3tvpxjako9ywy.cloudfront.net https://youtube.com; script-src 'unsafe-eval' 'unsafe-inline' data: https://*.app-eu.wrike.com https://*.bizographics.com https://*.google-analytics.com https://*.linkedin.com https://*.marketo.com https://*.marketo.net https://*.twitter.com https://*.wrike.com https://*.www.wrike.com https://*.yandex.ru https://api.greenhouse.io https://api.pinterest.com https://apis.google.com https://assets.adobedtm.com https://bat.bing.com https://c.disquscdn.com https://cdn.onesignal.com https://cdn.ravenjs.com https://cdn.syndication.twimg.com https://commondatastorage.googleapis.com/code.snapengage.com/js/ https://connect.facebook.net https://d1c5qktmphn2d.cloudfront.net https://d28rj2ujhq2ikj.cloudfront.net https://d3rnld1uo6kgq2.cloudfront.net https://d3tvpxjako9ywy.cloudfront.net https://disqus.com https://fast.wistia.com https://fast.wistia.net https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1056104813/ https://i.simpli.fi https://munchkin.brightfunnel.com/js/build/bf-munchkin.min.js https://onesignal.com https://px.airpr.com/airpr.js https://s3.amazonaws.com/r.kissinsights.com/ https://secure.adnxs.com https://snap.licdn.com https://src.litix.io/core/2/mux.js https://static.ads-twitter.com https://track-mv.com https://turbo.qualaroo.com https://vidassets.terminus.services https://vk.com https://wrike.disqus.com https://wrike.influitive.com https://www.google.com https://www.google.ru https://www.googleadservices.com https://www.googletagmanager.com https://www.gstatic.com https://www.snapengage.com/; style-src 'unsafe-inline' data: https:; default-src 'self'; report-uri https://csp.wrike.com/csp-report?website 1
default-src data: https: 'unsafe-inline' 'unsafe-eval'; report-uri https://track.buyma.com/csp/report.json 1
default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http://*.files.wordpress.com wss://bgr.com; report-uri https://pmcuri.report-uri.com/r/d/csp/reportOnly 1
default-src https: 'unsafe-inline' 'unsafe-eval'; report-uri https://irishtimes.report-uri.io/r/default/csp/reportOnly 1
default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http://*.files.wordpress.com wss://www.indiewire.com; report-uri https://pmcuri.report-uri.com/r/d/csp/reportOnly 1
default-src data: 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri https://c79f95068084e6225a0fe93e875f682d.report-uri.com/r/t/csp/reportOnly 1
default-src https: 'unsafe-inline' 'unsafe-eval' wss:; connect-src wss://*.ravelry.com https://www.ravelry.com; img-src https: data:; report-uri https://csp-reports.ravelry.com/; 1
default-src https: data: 'unsafe-eval' 'unsafe-inline'; report-uri /csp-endpoint/index 1
default-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval' *.adobedtm.com *.amazon-adsystem.com *.appdemostore.com *.atdmt.com *.avocet.io *.blubrry.com *.clicktale.net *.craftyclicks.co.uk *.doubleclick.net *.everesttech.net *.facebook.com *.facebook.net *.fca.org.uk *.google.co.uk *.google.com *.googleadservices.com *.jwpcdn.com *.liveperson.net *.linkedin.com *.lpsnmedia.net *.natwest.com *.neolane.net *.nwolb.com *.omguk.com *.omtrdc.net *.pinimg.com *.pinterest.com *.raptmedia.com *.snapchat.com *.userzoom.com *.youtube.com *.ytimg.com dpm.demdex.net jwpltx.com rbs.demdex.net; upgrade-insecure-requests; report-uri https://natwestpersonal.report-uri.com/r/t/csp/reportOnly 1
block-all-mixed-content; report-uri https://events.ocdn.eu/v2/csp-report?_ac=events&_fv=businessinsider.com.pl::PROD_HTTPS_V1 1
default-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; object-src 'none'; report-uri https://wwwaarp.report-uri.com/r/d/csp/reportOnly 1
script-src 'self' https://d3sq5bmi4w5uj1.cloudfront.net ajax.googleapis.com https://ie7-js.googlecode.com https://cdnjs.cloudflare.com connect.facebook.net uhf.microsoft.com c.microsoft.com cs.microsoft.com platform.twitter.com 'sha256-l9ZHmyP+aSQUbzDsO0Z5mU5KmeKTw7h+LYWUCcvjK/o=' 'sha256-PaS0gCgkEvlXwzUjXAo0jysAvDXOc3iIttQamgrvXk0=' 'sha256-LJOONddNtIMPVfcLsFATXyL4P23f3znxXz4FxYemkxI=' 'sha256-9iOvn7LxDLljYZpLeETJMw2obbWSDMr5bD4EvVwobT8=' 'sha256-0E0vDUBHZEKS2e6EIVqnrTnKVNyC9EkRVPrg1eYPjfk=' 'sha256-qKAjO5ncQUIDDV6E+i9Ki0B02qMSMSYn7Qz3CCeUadA=' 'sha256-e+Muvfq9cFCKaGyU2s/dw33x7jyiRjzSxMMWigxtces=' 'sha256-X13pZMYtfc8rLgpPU27DRu9ogdGOie2/WSSRXrvb4qw=' 'sha256-qBq7Yi1crTUnQMu1SOv+OLIkSbFYKoUR5uEZmtGdr18=' 'sha256-3lrmNAZ6kNZZTLuCfq9dwAOOuM3LB25Zw3lZQb6u5mA=' 'sha256-4yQMvgCymLvSmnCJ3fBR7j5ULSCezuYQiYkcA5JNVEY=' 'sha256-ktmU5paXGPR9mdN2uSWY55YcgQeImJRGVoRPrUQgASY=' 'sha256-MA2y0MDJ4KekIetpCUKmHXxHGlTrzqzVnitomCSNO14=' 'sha256-SeFjbS0LfxHLZ4dSTKm3BJQLbYE7L30x+Dieoa6QQwM=' 'sha256-SCdeHAIyndSsvnKndC84UH7e8hWXZfGZi1sXICbMEfM=' 'sha256-H/0P7dZMBnkxNkAxjKwW4ZkIbOu+jUatI5iXj220Mzw=' 'sha256-K2eMQjiqAXlEEKU1OI//ND8SNuV5nMOGNBQxtt0fK+g=' 'sha256-teb0gd16eHO96p+TWUf4Qk9ED1HJmiBTon8ooUoBh00=' 'sha256-Kdb1cN+XVz5wzuxh0LQlnyRgRjSv4+NQJ0c57mBi0pc=' 'sha256-dc0kLiLbea/nrL24ZXilOuRrs2VzRffX05RSQdgHUsU=' 'sha256-LjreJQqJjPxAIN/hThhUIWTziFE4758qAZp8fvAjruM=' 'sha256-o62lg6aR4njGCW/O+wQfymrm7gCZOXINNMAQNuD1VGM=' 'sha256-j3H8aCmyA0faDUoXS4euhLBRHBatCYqsLfaeZoZ86RQ='; style-src 'self' 'unsafe-inline' d3sq5bmi4w5uj1.cloudfront.net uhf.microsoft.com; img-src 'self' syndication.twitter.com analytics.twitter.com t.co uhf.microsoft.com c.microsoft.com *.facebook.com d3sq5bmi4w5uj1.cloudfront.net images.mxpnl.com wdgcdn.azureedge.net asgcdn.azureedge.net; frame-src *.facebook.com platform.twitter.com c1.microsoft.com c.bing.com; report-uri https://csp.skype.com 1
default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' 'self';  report-uri https://csp.surveymonkey.com/report?e=false&c=prod&a=wufoocms 1
default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; report-uri /csp-report 1
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: 'unsafe-inline' 'unsafe-eval' data: blob: ; connect-src https: wss: ; font-src https: 'unsafe-inline' 'unsafe-eval' data: ; script-src https: 'unsafe-inline' 'unsafe-eval' data: ; report-uri https://lancers.report-uri.io/r/default/csp/reportOnly 1
media-src blob: https:; worker-src blob: https:; font-src chrome-extension: data: https:; img-src data: blob: about: https: http://track.adform.net; default-src https: blob: data: ms-appx-web: wss: 'unsafe-inline'  'unsafe-eval'; report-uri https://handelsblatt.report-uri.com/r/d/csp/reportOnly 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=e97c179e-db09-4236-a5b9-1252d302b83f&version=34ffb8f2235021bdf63196a35d812040b87aaecd 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=a22d248d-ba4e-499a-8aad-6ca3c5474b0d&version=34ffb8f2235021bdf63196a35d812040b87aaecd 1
font-src data: https:; img-src data: https:; default-src https: blob: 'unsafe-inline' 'unsafe-eval'; report-uri https://tagesspiegel.report-uri.com/r/d/csp/reportOnly 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=6db1751a-7f6a-483f-8047-bd5aeedc26fe&version=62c29f3d39b5035178b711ed93129e9757ef18d0 1
default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http://*.files.wordpress.com wss://tvline.com; report-uri https://pmcuri.report-uri.com/r/d/csp/reportOnly 1
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.adform.net *.au.dk *.aucdn.dk *.cloudflare.com *.cloudfront.net *.crazyegg.com *.createsend1.com *.facebook.com *.facebook.net *.findvej.dk *.gefionau.dk *.google-analytics.com *.google.com *.google.dk *.googleapis.com *.googletagmanager.com *.gstatic.com *.instagram.com *.inviewmap.com *.livescribe.com *.mathjax.org *.pingdom.net *.siteimprove.com *.slideshare.net *.stakbogladen.dk *.statsbiblioteket.dk *.storify.com *.twimg.com *.twitter.com *.vimeo.com *.yahooapis.com *.youtu.be *.youtube.com 130.225.20.241 130.226.173.136 77.66.112.46 shoutbox.widget.me siteimproveanalytics.com *.cludo.com www2.dmu.dk unpkg.com; img-src * 'self' data:; report-uri /csp-rapport/csp-rapport.php?i=i40v5; 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=5a50543f-0218-4894-ace6-975d720bd1e9&version=df507506fab90b586a0c098cfae7b9995f2450e7 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=3e50fe59-e7bc-45ee-8ecd-749ffee28ece&version=df507506fab90b586a0c098cfae7b9995f2450e7 1
default-src https:; connect-src https: wss:; img-src https: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' d36jn9qou1tztq.cloudfront.net 'report-sample'; style-src 'unsafe-inline' 'unsafe-eval' https: 'report-sample'; font-src https: data:; frame-src https: data:; report-uri /sitebuilder2/api/csp-report; report-to csp 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=5d6dbf87-c723-4498-a805-54e6d146d33a&version=abdcaa3df793750c2e75b294132b15b38b8f8b08 1
default-src https: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.dba.dk/api/csplogger/mixedcontent/dba 1
default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https: *.go-mpulse.net apis.google.com assets.adobedtm.com *.cloudfront.net nxtck.com ssl.gstatic.com ws.sessioncam.com *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com googleads.g.doubleclick.net connect.facebook.net www.googleadservices.com adtm.spreadshirts.net *.spreadshirt.com ; img-src 'self' data: https: image.spreadshirtmedia.net image.spreadshirtmedia.net *.gstatic.com rtb-csync.smartadserver.com pixel.rubiconproject.com pixel.advertising.com dsum-sec.casalemedia.com cotads.adscale.de www.google-analytics.com eu-u.openx.net ih.adscale.de *.akstat.io www.facebook.com dsum-sec.casalemedia.com ad.yieldlab.net secure.adnxs.com mapping.nxtck.com stats.g.doubleclick.net www.google.com www.google.de cm.g.doubleclick.net ads.yahoo.com sync.ligadx.com eb2.3lift.com s.sspqns.com x.bidswitch.net image2.pubmatic.com sync.outbrain.com nxtck.com sanalytics.spreadshirt.com *.spreadshirt.com ; connect-src 'self' https: *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com *.go-mpulse.net *.akstat.io/ *.spreadshirt.com ; font-src 'self' https: *.spreadshirt.com ; style-src 'self' data: 'unsafe-inline' https: *.spreadshirt.com ; object-src 'none' ; frame-src 'self' https: www.google.com accounts.google.com *.spreadshirt.com ; report-uri https://sprd.report-uri.com/r/t/csp/reportOnly ; 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=40b8b3c9-3c96-4e32-abe2-ee7b020d7e29&version=5c2df8046534720ddcd5a15018c359f705fa6651 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-A5WddWpudAUrh16ACJsxADjW6qxQr0CN36T3SCcp7Ts=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=330f01c9-8313-425e-b150-92f477d40859&version=bed484b9453afae159e3860b6f6fcb303ba7ac22 1
default-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:;style-src https: 'unsafe-inline';connect-src https:;frame-src https:;script-src 'unsafe-eval' 'unsafe-inline' https: blob: data:;font-src https: data:;img-src https: data:;media-src https: blob:; report-uri https://collector.schibsted.io/api/v1/csp/e24/publishing/pro 1
default-src https: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.search.ch/api/mixedcontent.json 1
default-src data: https: 'unsafe-inline' 'unsafe-eval'; report-uri https://zpb0vbtwvtjszchysnsje6mg.httpschecker.net/report; report-to https://zpb0vbtwvtjszchysnsje6mg.httpschecker.net/report 1
default-src wss://m-production.clickwith.me/ wss://rendermaster-production.rcrsv.io https: 'unsafe-inline'; img-src blob: data: https:; report-uri /csp-violation-report 1
default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' imasdk.googleapis.com va.v.liveperson.net www.google.com c1.rfihub.net mpp.vindicosuite.com www.google-analytics.com connect.facebook.net www.googleadservices.com googleads.g.doubleclick.net a.rfihub.com apis.google.com analytics.twitter.com tirerack.resultspage.com assets.resultspage.com lptag.liveperson.net seal.verisign.com www.googlecommerce.com bat.bing.com www.googletagmanager.com bs.serving-sys.com static.ads-twitter.com secure-ds.serving-sys.com accdn.lpsnmedia.net s.go-mpulse.net ds-aksb-a.akamaihd.net lpcdn.lpsnmedia.net cdn.dashjs.org includes.ccdc02.com maps.googleapis.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com tirerack.resultspage.com util.cardinalcommerce.com; img-src 'self' data: *.akamaihd.net api.pmmapads.com maps.googleapis.com seals.resellerratings.com bat.bing.com tirerack.d1.sc.omtrdc.net www.google.com t.co tags.w55c.net insight.adsrvr.org b.collective-media.net mpp.vindicosuite.com www.google-analytics.com sync.search.spotxchange.com stats.g.doubleclick.net match.sharethrough.com googleads.g.doubleclick.net cache.vindicosuite.com www.facebook.com analytics.twitter.com e.nexac.com x.dlx.addthis.com loadus.exelator.com bh.contextweb.com t.mookie1.com su.addthis.com ad.sxp.smartclip.net contextual.media.net ads.stickyadstv.com match.adsrvr.org sync-tm.everesttech.net ib.adnxs.com ads.scorecardresearch.com seal.websecurity.norton.com www.googletagmanager.com ad.doubleclick.net util.cardinalcommerce.com csi.gstatic.com maps.gstatic.com dpm.demdex.net adservice.google.com cm.everesttech.net track1.aniview.com assets.resultspage.com www.google.ca a.algovid.com px.moatads.com tires.tirerack.com lpcdn.lpsnmedia.net cdnjs.cloudflare.com; font-src 'self' data: fonts.gstatic.com; connect-src 'self' *.akstat.io googleads.g.doubleclick.net bat.bing.com www.google.com google-analytics.com static.ads-twitter.com c.go-mpulse.net stats.g.doubleclick.net www.googlecommerce.com ads.adaptv.advertising.com www.googleadservices.com tirerack.tt.omtrdc.net dpm.demdex.net ds-aksb-a.akamaihd.net tirerack-vh.akamaihd.net va.v.liveperson.net vid.springserve.com v.lkqd.net c.go-mpulse.net tirerack.resultspage.com www.facebook.com assets.resultspage.com ssp.lkqd.net ssp.streamrail.net t.lkqd.net accdn.lpsnmedia.net lpcdn.lpsnmedia.net lptag.liveperson.net googleadservices.com vast.streamrail.net www.google-analytics.com www.googletagmanager.com cdn.dashjs.org ima3vpaid.appspot.com lptag.liveperson.net aux-log1-sh.vertamedia.com connect.facebook.net svastx.moatads.com apis.google.com googleapis.com tirerack-vh.akamaihd.net seal.verisign.com analytics.twitter.com; media-src 'self' tirerack-vh.akamaihd.net; frame-src 'self' api.pmmapads.com www.youtube.com lpcdn.lpsnmedia.net www.google.com 20744577p.rfihub.com accounts.google.com pixel.everesttech.net www.everestjs.net a.rfihub.com bid.g.doubleclick.net thetirerackinc.demdex.net www.facebook.com www.trwholesalesolutions.com secure.paymentech.com ssl.kaptcha.com sales.liveperson.net; report-uri /csp-report-only; 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-A5WddWpudAUrh16ACJsxADjW6qxQr0CN36T3SCcp7Ts=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=cfa09389-c2be-434c-a3f4-503e0e3690a7&version=abdcaa3df793750c2e75b294132b15b38b8f8b08 1
report-uri https://csp.edipresse.pl/report/polki; font-src https: data:; img-src data: https: android-webview-video-poster: android-webview:; media-src https: data:; style-src 'unsafe-inline' 'unsafe-eval' https:; script-src 'unsafe-inline' 'unsafe-eval' https: data: blob: asset:; worker-src blob: 1
default-src 'self' https: 'unsafe-inline' data: 'unsafe-eval'; report-uri https://servix.idnes.cz/log/csp-report.aspx?w=ln_shp 1
default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' https: ; style-src 'self' 'unsafe-inline' static.chartbeat.com https: ; img-src 'self' http: https: data: ; font-src 'self' https: data: ; frame-src https: ; connect-src 'self' monitor.web-staging.com https: ; report-uri https://monitor.web-staging.com/csp 1
block-all-mixed-content; report-uri https://csp-reports.pravmir.ru/https-mixed-content-logger/csp_report_log.php; 1
block-all-mixed-content; report-uri https://teacup.report-uri.com/r/t/csp/reportOnly 1
script-src 'self' 'unsafe-inline' cdn.sidefx.com d2wvmrjymyrujw.cloudfront.net *.googleapis.com www.gstatic.com www.google.com *.facebook.net api.instagram.com cdnjs.cloudflare.com unpkg.com cdn.jsdelivr.net www.googletagmanager.com www.google-analytics.com stats.g.doubleclick.net *.vimeo.com *.vimeocdn.com *.newrelic.com *.nr-data.net; style-src 'self' 'unsafe-inline' cdn.sidefx.com d2wvmrjymyrujw.cloudfront.net fonts.googleapis.com *.vimeocdn.com; report-uri https://www.sidefx.com/csp_reports/; default-src 'self'; frame-src 'self' data: www.google.com connect.facebook.net www.facebook.net www.facebook.com docs.google.com www.youtube.com *.vimeo.com *.vimeocdn.com; img-src 'self' data: 'unsafe-inline' 'unsafe-eval' cdn.sidefx.com d2wvmrjymyrujw.cloudfront.net *.cdninstagram.com *.gravatar.com www.facebook.com static.lulu.com www.gstatic.com i.ytimg.com *.vimeocdn.com www.googletagmanager.com www.google-analytics.com stats.g.doubleclick.net; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net; font-src 'self' data: cdn.sidefx.com d2wvmrjymyrujw.cloudfront.net fonts.gstatic.com 1
default-src 'none'; base-uri 'none'; frame-src 'self' https://assets1.unidays.world https://staticxx.facebook.com https://www.facebook.com https://platform.twitter.com; connect-src 'self' https://account.myunidays.com https://account-cdn.myunidays.com https://perks.myunidays.com https://api.segment.io https://cdn.optimizely.com https://www.google-analytics.com; font-src 'self' ; img-src 'self' data: https:; media-src 'self' https; script-src 'self' https: 'strict-dynamic' 'unsafe-inline' 'nonce-W1AfmMfMSEWY4sY/CGT7fg==' 'sha256-1VSh9Nxgw6LDp3d5fwJcLs8gc5sGMnRF+BHQjqkYk6I=' 'sha256-euoJNoaJITbhbO7ymsb/CcVchV6iwLXMOt4m8eeiEJM=' 'sha256-uaOgH6Wg5HZzOcOMUDlpqDrYOeBghbzAxWmuIk5CesQ=' 'sha256-CaE7UoV6lIKKcfbEjrixEoxtlj/iStAUoYMhl5fiH04=' 'sha256-etomrtPR7+3YBJVhy4uup2zi9jdWdwYKdiAuoS19bgA='; style-src 'self' 'unsafe-inline' https:; report-uri https://unidays.report-uri.com/r/d/csp/reportOnly 1
default-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.tool.lu *.baidu.com; object-src 'none'; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.tool.lu *.baidu.com; img-src 'self' data: *.tool.lu *.href.lu *.baidu.com; media-src 'none'; child-src 'self' *.tool.lu; font-src *.tool.lu *.alicdn.com; connect-src 'self' *.tool.lu *.baidu.com *.alicdn.com; report-uri //analytics.tool.lu/csp 1
default-src https: 'unsafe-inline' 'unsafe-eval' data: ; connect-src 'self'   https://csi.gstatic.com https://a.tiles.mapbox.com https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com https://ssl.google-analytics.com https://capture.trackjs.com https://www.google.com https://graph.facebook.com wss://ws1.hotjar.com https://insights.hotjar.com; font-src 'self' https://inassets1-internationsgmbh.netdna-ssl.com/ https://fonts.gstatic.com data:; frame-src https: appsflyerevent: fbrpc:; manifest-src https://inassets1-internationsgmbh.netdna-ssl.com/; media-src 'none'; object-src 'none'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' https://inassets1-internationsgmbh.netdna-ssl.com/  https://fonts.googleapis.com https://www.gstatic.com https://cdnjs.cloudflare.com; report-uri https://www.internations.org/log/content-security-policy?disposition=report&policyVersion=3 1
frame-src *.trudvsem.ru; default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=9160147d-e4e6-482c-95aa-53512d16d825&version=c9ee61990a92ff02f7e588f33afda1ed3b2432df 1
default-src 'self' *.s-xoom.com; img-src 'self' data: *.paypal.com *.amazonaws.com *.s-xoom.com *.bbb.org *.facebook.com *.google.com *.googleapis.com *.bing.com *.doubleclick.net *.contentful.com *.ctfassets.net *.google-analytics.com *.mediaplex.com *.online-metrix.net *.ensighten.com *.googleadservices.com *.googleusercontent.com *.dotomi.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.online-metrix.net *.segment.com *.iesnare.com *.mxpnl.com *.s-xoom.com *.google.com *.googleapis.com *.bing.com *.doubleclick.net *.googleadservices.com *.ensighten.com *.facebook.net *.optimizely.com *.contentful.com *.ctfassets.net *.paypalobjects.com *.google-analytics.com *.mediaplex.com *.gstatic.com *.googletagmanager.com; style-src 'self' 'unsafe-inline' *.s-xoom.com *.google.com *.contentful.com *.ctfassets.net; connect-src 'self' *.segment.io *.mixpanel.com *.paypalobjects.com *.s-xoom.com; frame-src 'self' *.paypal.com *.google.com *.paypalobjects.com *.online-metrix.net *.jobvite.com *.facebook.net *.facebook.com *.youtube.com *.doubleclick.net; form-action 'self' *.doubleclick.net *.facebook.net; object-src 'self' *.online-metrix.net; report-uri /csp-violation; 1
script-src https://www.myprotein.com https://m.myprotein.com 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.myprotein.com/cspReport.txt; 1
default-src 'self' *.hotjar.com *.macupdate.com https://*.macupdate.com macupdate.com; frame-src 'self' 'unsafe-inline' https://*.a.disquscdn.com https://*.adsage.com https://*.adsitrx.com https://*.analytics.yahoo.com https://*.bing.com https://disqus.com https://*.disqus.com https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.flowplayer.org https://*.google.com https://*.google.com.ua https://*.googleadservices.com https://*.google-analytics.com https://*.googleapis.com https://*.googletagmanager.com https://*.googletagservices.com https://*.gstatic.com https://*.hotjar.com https://*.i.ytimg.com https://*.images.dmca.com https://images.dmca.com https://*.intljs.rmtag.com https://*.msn.com https://*.pixel.yadibes.com https://*.s.yimg.com https://*.secure.ace-tag.advertising.com https://*.secure.leadback.advertising.com https://*.shopperapproved.com https://*.tagmanager.google.com https://*.twitter.com ws://*.hotjar.com ws://*.hotjar.com wss://*.hotjar.com wss://*.hotjar.com https://*.youtube.com https://*.apple.com https://tpc.googlesyndication.com/; child-src 'self' 'unsafe-inline' https://*.a.disquscdn.com https://*.adsage.com https://*.adsitrx.com https://*.analytics.yahoo.com https://*.bing.com https://disqus.com https://*.disqus.com https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.flowplayer.org https://*.google.com https://*.google.com.ua https://*.googleadservices.com https://*.google-analytics.com https://*.googleapis.com https://*.googletagmanager.com https://*.googletagservices.com https://*.gstatic.com https://*.hotjar.com https://*.i.ytimg.com https://*.images.dmca.com https://images.dmca.com https://*.intljs.rmtag.com https://*.linksynergy.com https://*.macupdate.com https://*.macupdateblog.disqus.com https://*.msn.com https://*.pixel.yadibes.com https://*.s.yimg.com https://*.secure.ace-tag.advertising.com https://*.secure.leadback.advertising.com https://*.shopperapproved.com https://*.tagmanager.google.com https://*.twitter.com ws://*.hotjar.com ws://*.hotjar.com wss://*.hotjar.com wss://*.hotjar.com https://*.youtube.com; img-src 'self' 'unsafe-inline' https://p.typekit.net *.macupdate.com https://*.a.disquscdn.com https://*.adsage.com https://*.adsitrx.com https://*.analytics.yahoo.com https://*.bing.com https://disqus.com https://*.disqus.com https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.flowplayer.org https://*.google.com https://*.google.com.ua https://*.googleadservices.com https://*.google-analytics.com https://*.googleapis.com https://*.googletagmanager.com https://*.googletagservices.com https://*.gstatic.com https://*.hotjar.com https://*.i.ytimg.com https://*.images.dmca.com https://images.dmca.com https://*.intljs.rmtag.com https://*.linksynergy.com https://*.macupdate.com https://*.macupdateblog.disqus.com https://*.msn.com https://*.pixel.yadibes.com https://*.s.yimg.com https://*.secure.ace-tag.advertising.com https://*.secure.leadback.advertising.com https://*.shopperapproved.com https://*.tagmanager.google.com https://*.twitter.com ws://*.hotjar.com ws://*.hotjar.com wss://*.hotjar.com wss://*.hotjar.com https://*.youtube.com https://*.apple.com data: *.2mdn.net https://pagead2.googlesyndication.com https://www.google.com https://www.google.ac https://www.google.ad https://www.google.ae https://www.google.com.af https://www.google.com.ag https://www.google.com.ai https://www.google.al https://www.google.am https://www.google.co.ao https://www.google.com.ar https://www.google.as https://www.google.at https://www.google.com.au https://www.google.az https://www.google.ba https://www.google.com.bd https://www.google.be https://www.google.bf https://www.google.bg https://www.google.com.bh https://www.google.bi https://www.google.bj https://www.google.com.bn https://www.google.com.bo https://www.google.com.br https://www.google.bs https://www.google.bt https://www.google.co.bw https://www.google.by https://www.google.com.bz https://www.google.ca https://www.google.com.kh https://www.google.cc https://www.google.cd https://www.google.cf https://www.google.cat https://www.google.cg https://www.google.ch https://www.google.ci https://www.google.co.ck https://www.google.cl https://www.google.cm https://www.google.cn https://www.g.cn https://www.google.com.co https://www.google.co.cr https://www.google.com.cu https://www.google.cv https://www.google.com.cy https://www.google.cz https://www.google.de https://www.google.dj https://www.google.dk https://www.google.dm https://www.google.com.do https://www.google.dz https://www.google.com.ec https://www.google.ee https://www.google.com.eg https://www.google.es https://www.google.com.et https://www.google.fi https://www.google.com.fj https://www.google.fm https://www.google.fr https://www.google.ga https://www.google.ge https://www.google.gf https://www.google.gg https://www.google.com.gh https://www.google.com.gi https://www.google.gl https://www.google.gm https://www.google.gp https://www.google.gr https://www.google.com.gt https://www.google.gy https://www.google.com.hk https://www.google.hn https://www.google.hr https://www.google.ht https://www.google.hu https://www.google.co.id https://www.google.iq https://www.google.ie https://www.google.co.il https://www.google.im https://www.google.co.in https://www.google.io https://www.google.is https://www.google.it https://www.google.je https://www.google.com.jm https://www.google.jo https://www.google.co.jp https://www.google.co.ke https://www.google.ki https://www.google.kg https://www.google.co.kr https://www.google.com.kw https://www.google.kz https://www.google.la https://www.google.com.lb https://www.google.com.lc https://www.google.li https://www.google.lk https://www.google.co.ls https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.com.ly https://www.google.co.ma https://www.google.md https://www.google.me https://www.google.mg https://www.google.mk https://www.google.ml https://www.google.com.mm https://www.google.mn https://www.google.ms https://www.google.com.mt https://www.google.mu https://www.google.mv https://www.google.mw https://www.google.com.mx https://www.google.com.my https://www.google.co.mz https://www.google.com.na https://www.google.ne https://www.google.com.nf https://www.google.com.ng https://www.google.com.ni https://www.google.nl https://www.google.no https://www.google.com.np https://www.google.nr https://www.google.nu https://www.google.co.nz https://www.google.com.om https://www.google.com.pk https://www.google.com.pa https://www.google.com.pe https://www.google.com.ph https://www.google.pl https://www.google.com.pg https://www.google.pn https://www.google.co.pn https://www.google.com.pr https://www.google.ps https://www.google.pt https://www.google.com.py https://www.google.com.qa https://www.google.ro https://www.google.rs https://www.google.ru https://www.google.rw https://www.google.com.sa https://www.google.com.sb https://www.google.sc https://www.google.se https://www.google.com.sg https://www.google.sh https://www.google.si https://www.google.sk https://www.google.com.sl https://www.google.sn https://www.google.sm https://www.google.so https://www.google.st https://www.google.sr https://www.google.com.sv https://www.google.td https://www.google.tg https://www.google.co.th https://www.google.com.tj https://www.google.tk https://www.google.tl https://www.google.tm https://www.google.to https://www.google.tn https://www.google.com.tr https://www.google.tt https://www.google.com.tw https://www.google.co.tz https://www.google.com.ua https://www.google.co.ug https://www.google.co.uk https://www.google.com https://www.google.com.uy https://www.google.co.uz https://www.google.com.vc https://www.google.co.ve https://www.google.vg https://www.google.co.vi https://www.google.com.vn https://www.google.vu https://www.google.ws https://www.google.co.za https://www.google.co.zm https://www.google.co.zw; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.ampproject.org/ https://use.typekit.net https://code.jquery.com https://*.a.disquscdn.com https://*.adsage.com https://*.adsitrx.com https://*.analytics.yahoo.com https://*.bing.com https://disqus.com https://*.disqus.com https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.flowplayer.org https://*.google.com https://*.google.com.ua https://*.googleadservices.com https://*.google-analytics.com https://*.googleapis.com https://*.googletagmanager.com https://*.googletagservices.com https://*.gstatic.com https://*.hotjar.com https://*.i.ytimg.com https://*.images.dmca.com https://images.dmca.com https://*.intljs.rmtag.com https://*.linksynergy.com https://*.macupdate.com https://*.macupdateblog.disqus.com https://*.msn.com https://*.pixel.yadibes.com https://*.s.yimg.com https://s.yimg.com https://*.secure.ace-tag.advertising.com https://*.secure.leadback.advertising.com https://*.shopperapproved.com https://*.tagmanager.google.com https://*.twitter.com ws://*.hotjar.com ws://*.hotjar.com wss://*.hotjar.com wss://*.hotjar.com https://*.youtube.com https://*.apple.com https://l2.io *.inspectlet.com *.googlesyndication.com https://*.elev.io https://js.intercomcdn.com https://widget.intercom.io https://adservice.google.com https://adservice.google.ac https://adservice.google.ad https://adservice.google.ae https://adservice.google.com.af https://adservice.google.com.ag https://adservice.google.com.ai https://adservice.google.al https://adservice.google.am https://adservice.google.co.ao https://adservice.google.com.ar https://adservice.google.as https://adservice.google.at https://adservice.google.com.au https://adservice.google.az https://adservice.google.ba https://adservice.google.com.bd https://adservice.google.be https://adservice.google.bf https://adservice.google.bg https://adservice.google.com.bh https://adservice.google.bi https://adservice.google.bj https://adservice.google.com.bn https://adservice.google.com.bo https://adservice.google.com.br https://adservice.google.bs https://adservice.google.bt https://adservice.google.co.bw https://adservice.google.by https://adservice.google.com.bz https://adservice.google.ca https://adservice.google.com.kh https://adservice.google.cc https://adservice.google.cd https://adservice.google.cf https://adservice.google.cat https://adservice.google.cg https://adservice.google.ch https://adservice.google.ci https://adservice.google.co.ck https://adservice.google.cl https://adservice.google.cm https://adservice.google.cn https://adservice.g.cn https://adservice.google.com.co https://adservice.google.co.cr https://adservice.google.com.cu https://adservice.google.cv https://adservice.google.com.cy https://adservice.google.cz https://adservice.google.de https://adservice.google.dj https://adservice.google.dk https://adservice.google.dm https://adservice.google.com.do https://adservice.google.dz https://adservice.google.com.ec https://adservice.google.ee https://adservice.google.com.eg https://adservice.google.es https://adservice.google.com.et https://adservice.google.fi https://adservice.google.com.fj https://adservice.google.fm https://adservice.google.fr https://adservice.google.ga https://adservice.google.ge https://adservice.google.gf https://adservice.google.gg https://adservice.google.com.gh https://adservice.google.com.gi https://adservice.google.gl https://adservice.google.gm https://adservice.google.gp https://adservice.google.gr https://adservice.google.com.gt https://adservice.google.gy https://adservice.google.com.hk https://adservice.google.hn https://adservice.google.hr https://adservice.google.ht https://adservice.google.hu https://adservice.google.co.id https://adservice.google.iq https://adservice.google.ie https://adservice.google.co.il https://adservice.google.im https://adservice.google.co.in https://adservice.google.io https://adservice.google.is https://adservice.google.it https://adservice.google.je https://adservice.google.com.jm https://adservice.google.jo https://adservice.google.co.jp https://adservice.google.co.ke https://adservice.google.ki https://adservice.google.kg https://adservice.google.co.kr https://adservice.google.com.kw https://adservice.google.kz https://adservice.google.la https://adservice.google.com.lb https://adservice.google.com.lc https://adservice.google.li https://adservice.google.lk https://adservice.google.co.ls https://adservice.google.lt https://adservice.google.lu https://adservice.google.lv https://adservice.google.com.ly https://adservice.google.co.ma https://adservice.google.md https://adservice.google.me https://adservice.google.mg https://adservice.google.mk https://adservice.google.ml https://adservice.google.com.mm https://adservice.google.mn https://adservice.google.ms https://adservice.google.com.mt https://adservice.google.mu https://adservice.google.mv https://adservice.google.mw https://adservice.google.com.mx https://adservice.google.com.my https://adservice.google.co.mz https://adservice.google.com.na https://adservice.google.ne https://adservice.google.com.nf https://adservice.google.com.ng https://adservice.google.com.ni https://adservice.google.nl https://adservice.google.no https://adservice.google.com.np https://adservice.google.nr https://adservice.google.nu https://adservice.google.co.nz https://adservice.google.com.om https://adservice.google.com.pk https://adservice.google.com.pa https://adservice.google.com.pe https://adservice.google.com.ph https://adservice.google.pl https://adservice.google.com.pg https://adservice.google.pn https://adservice.google.co.pn https://adservice.google.com.pr https://adservice.google.ps https://adservice.google.pt https://adservice.google.com.py https://adservice.google.com.qa https://adservice.google.ro https://adservice.google.rs https://adservice.google.ru https://adservice.google.rw https://adservice.google.com.sa https://adservice.google.com.sb https://adservice.google.sc https://adservice.google.se https://adservice.google.com.sg https://adservice.google.sh https://adservice.google.si https://adservice.google.sk https://adservice.google.com.sl https://adservice.google.sn https://adservice.google.sm https://adservice.google.so https://adservice.google.st https://adservice.google.sr https://adservice.google.com.sv https://adservice.google.td https://adservice.google.tg https://adservice.google.co.th https://adservice.google.com.tj https://adservice.google.tk https://adservice.google.tl https://adservice.google.tm https://adservice.google.to https://adservice.google.tn https://adservice.google.com.tr https://adservice.google.tt https://adservice.google.com.tw https://adservice.google.co.tz https://adservice.google.com.ua https://adservice.google.co.ug https://adservice.google.co.uk https://adservice.google.com https://adservice.google.com.uy https://adservice.google.co.uz https://adservice.google.com.vc https://adservice.google.co.ve https://adservice.google.vg https://adservice.google.co.vi https://adservice.google.com.vn https://adservice.google.vu https://adservice.google.ws https://adservice.google.co.za https://adservice.google.co.zm https://adservice.google.co.zw; style-src 'self' 'unsafe-inline' https://use.typekit.net https://p.typekit.net *.doubleclick.net *.flowplayer.org *.macupdate.com *.twitter.com a.disquscdn.com disqus.com fonts.googleapis.com fonts.gstatic.com https://*.doubleclick.net https://*.macupdate.com https://*.twitter.com https://a.disquscdn.com https://disqus.com https://macupdateblog.disqus.com https://referrer.disqus.com https://*.google.com https://*.google.com.ua macupdateblog.disqus.com referrer.disqus.com; font-src 'self' https://use.typekit.net data: *.doubleclick.net *.macupdate.com *.twitter.com fonts.googleapis.com fonts.gstatic.com https://*.doubleclick.net https://*.macupdate.com https://*.twitter.com https://js.intercomcdn.com; object-src *.doubleclick.net *.flowplayer.org *.macupdate.com *.twitter.com https://*.doubleclick.net https://*.macupdate.com https://*.twitter.com https://pagead2.googlesyndication.com; connect-src 'self' https://*.macupdate.com https://performance.typekit.net https://*.hotjar.com ws://*.hotjar.com ws://*.hotjar.com wss://*.hotjar.com wss://*.hotjar.com https://*.doubleclick.net https://*.elev.io https://*.intercom.io; 1
default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http://*.files.wordpress.com wss://hollywoodlife.com; report-uri https://pmcuri.report-uri.com/r/d/csp/reportOnly 1
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; plugin-types application/x-shockwave-flash; script-src * 'unsafe-inline'; report-uri https://content-security-policy.jobteaser.com/report 1
default-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https: wss:; report-uri https://api.transparentcdn.com/v1/csp/report/83/ 1
connect-src *; frame-src *; img-src https: data: blob: about: safari-extension: safari-resource: chrome-extension:; worker-src blob: https: 'unsafe-eval' 'unsafe-inline'; script-src https: 'unsafe-eval' 'unsafe-inline'; report-uri https://pro2-view.myportfolio.com/v1/errors/csp 1
default-src https: 'self'; connect-src https: wss: 'self'; font-src https: data: 'self'; frame-src https:; img-src https: data: 'self'; manifest-src https: 'self'; media-src https: 'self'; object-src none; script-src https: 'self' 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline' 'self'; upgrade-insecure-requests; report-uri https://csp.condenet.co.uk/r/wi/prod 1
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: 'self' data:; font-src https: 'self' data:; 1
script-src https://www.lookfantastic.com https://m.lookfantastic.com 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/ https://hm.baidu.com https://tag.baidu.com; report-uri https://www.lookfantastic.com/cspReport.txt; 1
default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http://*.files.wordpress.com wss://www.sheknows.com; report-uri https://pmcuri.report-uri.com/r/d/csp/reportOnly 1
child-src https:;connect-src https:;font-src https: data:;frame-ancestors 'none';img-src https: data:;media-src https:;object-src https: data:;script-src https: data: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-inline';report-uri /csp 1
block-all-mixed-content; script-src 'self' data: 'unsafe-eval' 'unsafe-inline' https://assets.fordham.edu https://bat.bing.com/bat.js https://us2.siteimprove.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.adhigh.net/p.js https://px.ads.linkedin.com https://scripts.ninjacat.io https://snap.licdn.com https://www.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://www.googletagmanager.com https://px.adhigh.net https://s.ytimg.com https://scripts.mymarketingreports.com https://libraryh3lp.com https://ds-aksb-a.akamaihd.net https://www.linkedin.com https://dc.ads.linkedin.com https://lgapi.libapps.com https://fw.cdn.technolutions.net https://cdn.syndication.twimg.com https://mx.technolutions.net https://synch.optimatic.com https://slate-technolutions-net.cdn.technolutions.net https://secure.adnxs.com https://platform.twitter.com https://gradadmissions.fordham.edu https://go.activecalendar.com;  report-uri https://jaduuat.fordham.edu/site/custom_scripts/fordham_csperrors.php 1
default-src https: 'unsafe-inline' 'unsafe-eval' 'self' data:; img-src 'self' *.eff.org data:; report-uri /report-csp-violation 1
default-src * 'unsafe-inline' 'unsafe-eval'; report-uri https://fls-na.amazon.com/1/batch/2/OE/mid=AF2M0KC94RCEA:sid=137-3042226-1887965:rid=VTYEHR4KCCB4BEFRX9A0:sn=www.audible.com 1
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: filesystem: mediastream: wikibooks.org *.wikibooks.org wikidata.org *.wikidata.org wikimedia.org *.wikimedia.org wikinews.org *.wikinews.org wikipedia.org *.wikipedia.org wikiquote.org *.wikiquote.org wikisource.org *.wikisource.org wikiversity.org *.wikiversity.org wikivoyage.org *.wikivoyage.org wiktionary.org *.wiktionary.org *.wmflabs.org wikimediafoundation.org mediawiki.org *.mediawiki.org wss://tools.wmflabs.org; report-uri https://tools.wmflabs.org/csp-report/collect; 1
default-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:;style-src https: 'unsafe-inline';connect-src https:;frame-src https:;script-src 'unsafe-eval' 'unsafe-inline' https: blob: data:;font-src https: data:;img-src https: data:;media-src https: blob:; report-uri https://collector.schibsted.io/api/v1/csp/bt/publishing/pro 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=08c27f5f-24ef-47f2-9d74-4fd871cb8662&version=abdcaa3df793750c2e75b294132b15b38b8f8b08 1
default-src 'self';connect-src 'self' https://maps.googleapis.com https://cex.io wss://ws.cex.io/ws;frame-src 'self' * ext.cex.io;font-src 'self' data: 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com;img-src 'self' data:;style-src 'self' 'unsafe-inline' https://*.googleapis.com https://code.jquery.com;script-src 'self' 'unsafe-inline' 'unsafe-eval';report-uri https://cex.io/cspr; 1
default-src https: 'self'; connect-src https: wss: 'self'; font-src https: data: 'self'; frame-src https:; img-src https: data: 'self'; manifest-src https: 'self'; media-src https: 'self'; object-src none; script-src https: 'self' 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline' 'self'; upgrade-insecure-requests; report-uri https://csp.condenet.co.uk/r/gq/prod 1
base-uri https://www.mbank.cz; report-uri https://wwwcz.csp.mbank.pl; default-src 'none'; upgrade-insecure-requests; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://www.mbank.cz https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com https://tpc.googlesyndication.com https://cz.hit.gemius.pl https://ls.hit.gemius.pl https://connect.facebook.net https://www.facebook.com https://maps.googleapis.com https://i.ctnsnet.com; style-src 'self' 'report-sample' 'unsafe-inline' https://www.mbank.cz https://tagmanager.google.com; img-src 'self' 'report-sample' data: https://www.mbank.cz https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://stats.g.doubleclick.net https://cm.g.doubleclick.net https://*.fls.doubleclick.net https://www.google.com https://www.google.pl https://www.google.de https://www.google.co.uk https://www.google.nl https://www.google.fr https://www.google.se https://www.google.no https://www.google.be https://www.google.ie https://www.google.es https://www.google.dk https://www.google.ch https://www.google.hr https://www.google.cz https://www.google.it https://www.google.com.ua https://www.google.sk https://cz.hit.gemius.pl https://ls.hit.gemius.pl https://www.facebook.com https://maps.googleapis.com https://maps.gstatic.com https://khms0.googleapis.com https://khms1.googleapis.com https://i.ctnsnet.com; font-src 'self' 'report-sample' https://www.mbank.cz; connect-src 'self' 'report-sample' https://www.mbank.cz https://www.google-analytics.com https://stats.g.doubleclick.net https://www.google.com https://www.google.pl; media-src 'self' 'report-sample' https://www.mbank.cz; object-src 'self' 'report-sample' https://www.mbank.cz; frame-src 'self' 'report-sample' https://www.mbank.cz https://www.googletagmanager.com https://tagmanager.google.com https://bid.g.doubleclick.net https://*.fls.doubleclick.net https://tpc.googlesyndication.com https://cz.hit.gemius.pl https://ls.hit.gemius.pl https://www.facebook.com; child-src 'self' 'report-sample' https://www.mbank.cz https://www.googletagmanager.com https://tagmanager.google.com https://bid.g.doubleclick.net https://*.fls.doubleclick.net https://cz.hit.gemius.pl https://ls.hit.gemius.pl https://www.facebook.com; form-action 'self' 'report-sample' https://www.mbank.cz https://form.mbank.cz; frame-ancestors 'self' 'report-sample' https://www.mbank.cz;  1
default-src https: wss:; script-src * 'self' 'unsafe-inline' 'unsafe-eval' ; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data:; report-uri https://stagesuunto.report-uri.com/r/d/csp/reportOnly 1
frame-ancestors 'self'; report-uri https://sentry.wongnai.com/api/2/csp-report/?sentry_key=1eb41851e6a44bd39f12e47f6de24633 1
script-src https://www.thehut.com https://m.thehut.com 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.thehut.com/cspReport.txt; 1
default-src * 'unsafe-inline' 'unsafe-eval'; report-uri https://fls-na.amazon.com/1/batch/2/OE/mid=AF2M0KC94RCEA:sid=137-5796199-5915965:rid=6T4C056YYE4NQ1QSHW7N:sn=www.audible.com 1
default-src https: wss:; script-src https: wss: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report 1
default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdn.segment.com https://www.googletagmanager.com https://www.youtube.com https://bam.nr-data.net https://cdn.mxpnl.com https://ajax.cloudflare.com https://s7.addthis.com https://dnn506yrbagrg.cloudfront.net https://edge.addthis.com https://www.google-analytics.com https://s.ytimg.com https://connect.facebook.net; style-src 'self' 'unsafe-eval' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https://wwws.betterment.com https://bam.nr-data.net https://m.addthis.com https://api.mixpanel.com https://tt.betterment.com https://api.segment.io; media-src 'self'; object-src 'none'; child-src 'self'; frame-src 'self' https://www.googletagmanager.com https://betterment.shinyapps.io; worker-src 'self'; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'; report-uri https://betterment.report-uri.io/r/default/csp/reportOnly; 1
default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.dotpay.pl ssl.google-analytics.com; img-src 'self' data: ssl.google-analytics.com stats.g.doubleclick.net; style-src 'self' 'unsafe-inline'; font-src 'self'; manifest-src 'self'; connect-src https://stats.g.doubleclick.net https://ssl.google-analytics.com ; report-uri /csp-report 1
script-src 'self' *.edpuzzle.com 'unsafe-inline' 'unsafe-eval' latex.codecogs.com *.google.com *.googleapis.com *.google-analytics.com *.youtube.com *.ytimg.com *.soundcloud.com *.zendesk.com cdnjs.cloudflare.com *.mxpnl.com *.marketo.net *.newrelic.com *.nr-data.net d1htrclywvryi1.cloudfront.net js.stripe.com; style-src 'self' *.edpuzzle.com 'unsafe-inline' maxcdn.bootstrapcdn.com latex.codecogs.com d1htrclywvryi1.cloudfront.net; report-uri /api/v3/violations/csp 1
default-src https: android-webview: 'unsafe-inline' 'unsafe-eval'; media-src data: https: 'unsafe-inline' 'unsafe-eval'; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data: android-webview: android-webview-video-poster: 'unsafe-inline' 'unsafe-eval'; font-src data: https: 'unsafe-inline' 'unsafe-eval'; report-uri https://netologygroup.report-uri.io/r/default/csp/reportOnly 1
default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob: *; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: techport.ru *.techport.ru https://vk.com https://*.vk.com https://cdn.api.twitter.com https://www.odnoklassniki.ru https://odnoklassniki.ru https://ok.ru https://connect.ok.ru https://facebook.com https://*.facebook.com https://connect.facebook.net https://yandex.ru https://*.yandex.ru https://ya.ru https://yandex.st https://yastatic.net https://*.yadro.ru https://webvisor.com https://mc.webwisor.org https://google.com https://*.google.com https://google.ru https://*.google.ru https://translate.google.cn https://*.googleapis.com https://*.googleadservices.com https://googletagservices.com https://*.googletagservices.com https://google-analytics.com https://*.google-analytics.com https://googletagmanager.com https://*.googletagmanager.com https://gstatic.com https://*.gstatic.com https://*.googlesyndication.com https://*.mail.ru https://top-fwz1.mail.ru https://youtube.ru https://*.youtube.ru https://youtube.com https://*.youtube.com https://s.ytimg.com https://*.criteo.net https://*.criteo.com https://video.bosch-pt-video.com https://uc.xddi.ru https://techport-st.cdn.ngenix.net https://demoup.com https://*.demoup.com https://pickpoint.ru https://*.flixfacts.com https://*.flixcar.com https://*.flix360.com https://logo.flixfacts.co.uk https://media.flixsyndication.net https://*.doubleclick.net https://www.alexa.com https://*.alexa.com https://ssp.rambler.ru https://profile.ssp.rambler.ru https://*.paymentgate.ru https://*.robokassa.ru https://*.sandbox.paypal.com https://*.paypal.com https://paypal.com https://www.paypal.com https://*.mkb.ru https://*.rbsuat.com https://*.begun.ru https://newrelic.com https://*.newrelic.com https://bam.nr-data.net https://api.flocktory.com; report-uri //www.techport.ru/csp; report-to //www.techport.ru/csp; 1
script-src https: 'self' 'nonce-775da961ae1ed72706b60fd66ace81a9' 'unsafe-inline' 'unsafe-eval' http://wx-static.drip.im/js/ http://res.wx.qq.com/open/js/jweixin-1.0.0.js http://eco-api.meiqia.com/ http://new-api.meiqia.com/ http://wxs-b.drip.im/js/ *.geetest.com *.qq.com http://hm.baidu.com http://isite.baidu.com;object-src *.qq.com *.youku.com *.drip.im;frame-src *.qq.com *.youku.com eco-api.meiqia.com new-api.meiqia.com *.drip.im weixinping: weixin:; report-uri https://weixin.drip.im/wx-web/system/csp-report-parser 1
default-src 'self' https: data:; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri https://investorplace.com/wp-content/plugins/mixed-content-logging/report-uri/mcl-uri.php 1
default-src 'self' *.vk.com https://*.vk.com *.userapi.com https://*.userapi.com https://*.google.com https://*.google.ru *.googlesyndication.com https://*.googlesyndication.com https://*.doubleclick.net *.yandex.ru https://*.yandex.ru https://*.yandex.net yastatic.net https://yastatic.net *.yandexadexchange.net https://*.yandexadexchange.net *.yadro.ru https://*.yadro.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' vk.com https://vk.com *.vk.com https://*.vk.com https://*.gstatic.com https://*.google.com https://*.google.ru https://*.google.at https://*.google.by https://*.google.ca https://*.google.ch https://*.google.co.kr https://*.google.co.uk https://*.google.co.za https://*.google.co.uz https://*.google.co.il https://*.google.co.id https://*.google.co.in https://*.google.co.nz https://*.google.co.jp https://*.google.co.th https://*.google.co.ve https://*.google.co.ma https://*.google.com.cy https://*.google.com.sg https://*.google.com.tr https://*.google.com.ua https://*.google.com.lb https://*.google.com.ng https://*.google.com.pe https://*.google.com.hk https://*.google.com.tj https://*.google.com.my https://*.google.com.pk https://*.google.com.af https://*.google.com.eg https://*.google.com.au https://*.google.com.bo https://*.google.com.sa https://*.google.com.ph https://*.google.com.na https://*.google.com.mt https://*.google.com.br https://*.google.com.co https://*.google.com.ar https://*.google.com.vn https://*.google.com.om https://*.google.dk https://*.google.ee https://*.google.fi https://*.google.fr https://*.google.ge https://*.google.gr https://*.google.ie https://*.google.iq https://*.google.it https://*.google.kz https://*.google.lv https://*.google.nl https://*.google.pl https://*.google.tm https://*.google.de https://*.google.az https://*.google.am https://*.google.se https://*.google.md https://*.google.cz https://*.google.kg https://*.google.ae https://*.google.bg https://*.google.dz https://*.google.lt https://*.google.no https://*.google.es https://*.google.hu https://*.google.sk https://*.google.be https://*.google.hr https://*.google.jo https://*.google.pt https://*.google.rs https://*.google.is https://*.google.lu https://*.google.ro https://*.google.tn https://*.google.si https://*.google.ci *.googlesyndication.com https://*.googlesyndication.com *.googletagservices.com https://*.googletagservices.com *.googletagmanager.com https://*.googletagmanager.com *.google-analytics.com https://*.google-analytics.com https://*.doubleclick.net https://cdn.ampproject.org *.yandex.ru https://*.yandex.ru https://*.yandex.by https://*.yandex.ua https://*.yandex.kz https://*.yandex.fr https://*.yandex.com.tr yastatic.net https://yastatic.net https://vidtok.ru https://utraff.com https://ima.utraff.com https://ajax.googleapis.com data: ; style-src 'self' 'unsafe-inline'; img-src 'self' https://220youtube.com vk.com https://vk.com *.vk.com https://*.vk.com *.userapi.com https://*.userapi.com https://*.google.ru *.googlesyndication.com https://*.googlesyndication.com https://*.doubleclick.net *.google-analytics.com https://*.google-analytics.com *.gstatic.com https://*.gstatic.com *.googlezip.net https://*.googlezip.net https://yandex.ru *.yandex.ru https://*.yandex.ru *.yandex.net https://*.yandex.net https://yandex.st https://*.yandex.ua https://*.yandexadexchange.net *.yadro.ru https://*.yadro.ru data: ; frame-src 'self' https://220vk.com vk.com https://vk.com https://vidtok.ru https://utraff.com gsa://onpageload *.googlesyndication.com https://*.googlesyndication.com https://*.doubleclick.net https://vk-220.firebaseapp.com https://*.yandex.ru yastatic.net https://yastatic.net *.yandexadexchange.net https://*.yandexadexchange.net; connect-src 'self' ws://220vk.com wss://220vk.com *.vk.com https://*.vk.com https://*.gstatic.com https://*.googleapis.com https://yandex.ru *.yandex.ru https://*.yandex.ru https://*.yandex.by https://*.yandex.ua yastatic.net https://yastatic.net *.bing.com https://*.bing.com; font-src 'self' data: https://*.gstatic.com; report-uri /files/collector.php 1
base-uri https://www.mbank.pl; report-uri https://wwwsk.csp.mbank.pl; default-src 'none'; upgrade-insecure-requests; block-all-mixed-content; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://www.mbank.sk https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com https://tpc.googlesyndication.com https://cz.hit.gemius.pl https://ls.hit.gemius.pl https://connect.facebook.net https://www.facebook.com https://maps.googleapis.com https://i.ctnsnet.com; style-src 'self' 'report-sample' 'unsafe-inline' https://www.mbank.sk https://tagmanager.google.com; img-src 'self' 'report-sample' data: https://www.mbank.sk https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://stats.g.doubleclick.net https://cm.g.doubleclick.net https://*.fls.doubleclick.net https://www.google.com https://www.google.pl https://www.google.de https://www.google.co.uk https://www.google.nl https://www.google.fr https://www.google.se https://www.google.no https://www.google.be https://www.google.ie https://www.google.es https://www.google.dk https://www.google.ch https://www.google.hr https://www.google.cz https://www.google.it https://www.google.com.ua https://www.google.sk https://cz.hit.gemius.pl https://ls.hit.gemius.pl https://www.facebook.com https://maps.googleapis.com https://maps.gstatic.com https://khms0.googleapis.com https://khms1.googleapis.com https://i.ctnsnet.com; font-src 'self' 'report-sample' https://www.mbank.sk; connect-src 'self' 'report-sample' https://www.mbank.sk https://www.google-analytics.com https://stats.g.doubleclick.net https://www.google.com https://www.google.pl; media-src 'self' 'report-sample' https://www.mbank.sk; object-src 'self' 'report-sample' https://www.mbank.sk; frame-src 'self' 'report-sample' https://www.mbank.sk https://www.googletagmanager.com https://tagmanager.google.com https://bid.g.doubleclick.net https://*.fls.doubleclick.net https://tpc.googlesyndication.com https://cz.hit.gemius.pl https://ls.hit.gemius.pl https://www.facebook.com; child-src 'self' 'report-sample' https://www.mbank.sk https://www.googletagmanager.com https://tagmanager.google.com https://bid.g.doubleclick.net https://*.fls.doubleclick.net https://cz.hit.gemius.pl https://ls.hit.gemius.pl https://www.facebook.com; form-action 'self' 'report-sample' https://www.mbank.sk https://form.mbank.sk; frame-ancestors 'self' 'report-sample' https://www.mbank.sk;  1
default-src data: https: 'unsafe-inline' 'unsafe-eval'; report-uri https://2kvtmaghvfjkrmzwpn6qpl1a.httpschecker.net/report; report-to https://2kvtmaghvfjkrmzwpn6qpl1a.httpschecker.net/report 1
block-all-mixed-content; report-uri https://events.ocdn.eu/v2/csp-report?_ac=events&_fv=www.przegladsportowy.pl::PsInfo_1_10_0 1
default-src 'unsafe-inline' 'unsafe-eval' data: https: wss:; report-uri https://shl.paddypower.com/csp 1
default-src data: 'unsafe-inline' 'unsafe-eval' https: wss: blob: http://*.files.wordpress.com; report-uri https://pmcuri.report-uri.com/r/d/csp/reportOnly 1
default-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; img-src data: https:; report-uri https://lidlcsp.report-uri.io/r/default/csp/reportOnly; 1
script-src https://www.myprotein.jp https://m.myprotein.jp 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.myprotein.jp/cspReport.txt; 1
default-src https: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://csp-violations.external.wickes.co.uk 1
default-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; media-src https: blob:; object-src https: blob:; report-uri https://csp-report.magicseaweed.com/api/csp-report/ 1
default-src https://www.spamhaus.org https: 'unsafe-inline' 'unsafe-eval' 1
img-src https: data:; connect-src https:; report-uri https://csp-reports.yesware.com/new 1
script-src https://www.coggles.com https://m.coggles.com 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.coggles.com/cspReport.txt; 1
default-src 'self' https: wss: 'unsafe-inline' data: 'unsafe-eval'; report-uri https://servix.idnes.cz/log/csp-report.aspx?w=denniexpres&d=2018-12-09 1
default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http://*.files.wordpress.com wss://www.goldderby.com; report-uri https://pmcuri.report-uri.com/r/d/csp/reportOnly 1
block-all-mixed-content; report-uri https://www.warau.jp/mixedcontentreport.php 1
default-src https: 'self'; connect-src https: wss: 'self'; font-src https: data: 'self'; frame-src https:; img-src https: data: 'self'; manifest-src https: 'self'; media-src https: 'self'; object-src none; script-src https: 'self' 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline' 'self'; upgrade-insecure-requests; report-uri https://csp.condenet.co.uk/r/vg/prod 1
default-src https: data: blob: android-webview: android-webview-video-poster: 'unsafe-inline' 'unsafe-eval' http://*.cdn.ne.jp https://*.cdn.ne.jp; report-uri /analyze/cspreport.php 1
script-src https://www.iwantoneofthose.com https://m.iwantoneofthose.com 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.iwantoneofthose.com/cspReport.txt; 1
default-src * 'unsafe-inline' 'unsafe-eval'; report-uri https://fls-na.amazon.com/1/batch/2/OE/mid=A1QAP3MOU4173J:sid=358-2462359-2005753:rid=G4GGEME9ZSHE41QNM1RZ:sn=www.audible.co.jp 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=9a804944-a950-47be-a3c1-e305dab93f12&version=34ffb8f2235021bdf63196a35d812040b87aaecd 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://wwggsujy3yobtlvav9zj6w8w.httpschecker.net/report 1
default-src 'self' data: https: https://*.adriver.ru https://*.kontur.ru https://kontur.ru https://dl.metabar.ru https://www.googletagmanager.com https://www.google-analytics.com https://*.googleapis.com https://ssl.google-analytics.com/ https://*.yandex.ru https://yastatic.net https://*.yandex.ua ya.ru https://counter.yadro.ru https://top-fwz1.mail.ru https://*.facebook.com https://*.twitter.com https://*.vk.com https://vk.com https://*.facebook.net https://*.ok.ru https://*.doubleclick.net 'unsafe-inline' 'unsafe-eval'; report-uri https://www.buhonline.ru/private/csp-report 1
script-src https://www.lookfantastic.cn https://m.lookfantastic.cn 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/ https://hm.baidu.com https://tag.baidu.com; report-uri https://www.lookfantastic.cn/cspReport.txt; 1
upgrade-insecure-requests;script-src 'self' 'unsafe-inline' 'unsafe-eval' 'nonce-43cjUH3k' 'report-sample' static.ptausercontent.com www.google-analytics.com c.dun.163yun.com cstaticdun.126.net;report-uri https://ptareport.report-uri.com/r/d/csp/reportOnly 1
default-src data: https: 'unsafe-inline' 'unsafe-eval' bible.ru bibleonline.ru *.bible.ru *.bibleonline.ru https://*.bible.ru https://*.bibleonline.ru; script-src https: 'unsafe-inline' 'unsafe-eval';report-uri https://bible.report-uri.io/r/default/csp/reportOnly 1
default-src https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' https://*.chatlio.com https://maxcdn.bootstrapcdn.com https://js.intercomcdn.com data: https://fonts.gstatic.com ; connect-src https://bam.nr-data.net https://fonts.gstatic.com wss://ws.pusherapp.com https://*.chatlio.com wss://*.intercom.io https://*.intercom.io https://*.algolia.com https://*.algolia.net https://*.algolianet.com https://insights.hotjar.com wss://*.hotjar.com https://*.kissmetrics.com https://vimeo.com https://*.pingdom.net; report-uri https://algolia.report-uri.io/r/default/csp/reportOnly 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=9ab895b6-917f-45fd-befb-6eb269af8654&version=df507506fab90b586a0c098cfae7b9995f2450e7 1
default-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline' 'unsafe-eval'; connect-src https:; report-uri /report-mixed-content 1
default-src https: blob: data: 'self' 'unsafe-inline' 'unsafe-eval'; report-uri https://us-central1-pr-environment.cloudfunctions.net/policy-violation 1
default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https: *.go-mpulse.net apis.google.com assets.adobedtm.com *.cloudfront.net nxtck.com ssl.gstatic.com ws.sessioncam.com *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com googleads.g.doubleclick.net connect.facebook.net www.googleadservices.com adtm.spreadshirts.net *.spreadshirt.de ; img-src 'self' data: https: image.spreadshirtmedia.net image.spreadshirtmedia.net *.gstatic.com rtb-csync.smartadserver.com pixel.rubiconproject.com pixel.advertising.com dsum-sec.casalemedia.com cotads.adscale.de www.google-analytics.com eu-u.openx.net ih.adscale.de *.akstat.io www.facebook.com dsum-sec.casalemedia.com ad.yieldlab.net secure.adnxs.com mapping.nxtck.com stats.g.doubleclick.net www.google.com www.google.de cm.g.doubleclick.net ads.yahoo.com sync.ligadx.com eb2.3lift.com s.sspqns.com x.bidswitch.net image2.pubmatic.com sync.outbrain.com nxtck.com sanalytics.spreadshirt.de *.spreadshirt.de ; connect-src 'self' https: *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com *.go-mpulse.net *.akstat.io/ *.spreadshirt.de ; font-src 'self' https: *.spreadshirt.de ; style-src 'self' data: 'unsafe-inline' https: *.spreadshirt.de ; object-src 'none' ; frame-src 'self' https: www.google.com accounts.google.com *.spreadshirt.de ; report-uri https://sprd.report-uri.com/r/t/csp/reportOnly ; 1
default-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval' *.adobedtm.com *.amazon-adsystem.com *.appdemostore.com *.atdmt.com *.avocet.io *.blubrry.com *.clicktale.net *.craftyclicks.co.uk *.doubleclick.net *.everesttech.net *.facebook.com *.facebook.net *.fca.org.uk *.google.co.uk *.google.com *.googleadservices.com *.jwpcdn.com *.liveperson.net *.linkedin.com *.lpsnmedia.net *.neolane.net *.omguk.com *.omtrdc.net *.pinimg.com *.pinterest.com *.raptmedia.com *.rbos.com *.rbs.co.uk *.rbs.com *.rbsdigital.com *.supportcentre-rbs.co.uk *.snapchat.com *.userzoom.com *.youtube.com *.ytimg.com dpm.demdex.net jwpltx.com rbs.demdex.net search-rbs.co.uk; upgrade-insecure-requests; report-uri https://rbspersonal.report-uri.com/r/t/csp/reportOnly 1
default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ge.ch https://www.google-analytics.com; style-src 'self' 'unsafe-inline'; img-src 'self' 'unsafe-inline' data: https://ge.ch https://*.infomaniak.com https://*.infomaniak.ch https://www.google-analytics.com; media-src 'self' https://*.infomaniak.com https://*.infomaniak.ch; frame-src 'self' https://vod.infomaniak.com; font-src 'self'; connect-src 'self'; report-uri /admin/config/system/seckit/csp-report 1
upgrade-insecure-requests; default-src 'none'; script-src 'self' 'unsafe-inline' cdn.ravenjs.com www.googletagmanager.com www.google-analytics.com js.driftt.com js.hs-scripts.com js.hs-analytics.net; connect-src 'self' sentry.io reload.getsentry.net api.amplitude.com; img-src 'self' data: sentry-brand.storage.googleapis.com sentry-blog.storage.googleapis.com sentryio-assets.storage.googleapis.com www.google-analytics.com stats.g.doubleclick.net www.facebook.com track.hubspot.com; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' js.driftt.com player.vimeo.com; media-src sentryio-assets.storage.googleapis.com; report-uri https://sentry.io/api/1297627/security/?sentry_key=e811b9077ef64dcf8a279ec18a61b222 1
default-src * 'unsafe-inline' 'unsafe-eval'; report-uri https://fls-na.amazon.com/1/batch/2/OE/mid=AF2M0KC94RCEA:sid=138-2034103-8295334:rid=M2J3CSKPM16WDB9H5FXM:sn=www.audible.com 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://sc020yt0rwhkktjwws4uujxl.httpschecker.net/report 1
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: ws: *; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: ws: blob: *.pivotaltracker.com *.swiftypecdn.com *.typekit.net *.google.com *.googleapis.com *.googleadservices.com *.addthis.com *.addthisedge.com *.mxpnl.com *.mixpanel.com *.google-analytics.com *.cloudflare.com *.trustarc.com *.newrelic.com *.nr-data.net *.googletagmanager.com googleads.g.doubleclick.net *.disqus.com *.disquscdn.com; report-uri /services/area_51/security_content_violations 1
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: 'unsafe-inline' 'unsafe-eval' data: ; report-uri https://booklog.report-uri.io/r/default/csp/reportOnly 1
default-src 'self' https:; child-src 'self' https: data:; connect-src 'self' https: wss:; font-src 'self' https: data:; img-src 'self' https: data:; media-src 'self' https: data:; object-src 'self' https:; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp-report?source%5Baction%5D=index&source%5Bapp%5D=Brochure&source%5Bcontroller%5D=home&source%5Bdomain%5D=www.shopify.ca&source%5Bsection%5D=brochure&source%5Buuid%5D=d176e27f1e9ea8792402873d9ae4e625 1
default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; font-src https: data: 'unsafe-inline'; img-src https: data: 'unsafe-inline'; report-uri https://cspreport.report-uri.io/r/default/csp/reportOnly 1
default-src 'self' * 127.0.0.1; script-src 'unsafe-inline' 'unsafe-eval' 'self' data: https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' https: data:; frame-src 'self' https: http: data:; child-src 'self' https: http: data:; 1
script-src 'unsafe-eval' 'self' fast.fonts.net www.google.com *.googleapis.com *.gstatic.com *.google-analytics.com platform.twitter.com cdn.api.twitter.com syndication.twimg.com *.facebook.net *.newrelic.com bs.serving-sys.com cdn.feedbackify.com www.googleadservices.com s.btstatic.com s.thebrighttag.com; object-src 'self' www.youtube.com maps.googleapis.com; media-src 'self' www.youtube.com; report-uri /flybuys-web/api/csp-report 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=f52348d9-353a-44f4-89f3-55bc7cc681c3&version=df507506fab90b586a0c098cfae7b9995f2450e7 1
block-all-mixed-content; report-uri https://1knzater8k.execute-api.us-west-2.amazonaws.com/prod/csp-report; 1
default-src https: data: 'unsafe-inline' 'unsafe-eval' wss:; report-uri https://2d89e693d66a49d6993df623e272311f.myssl-uri.com/api/csp-report 1
default-src 'self' 'unsafe-inline' *.atbar.org *.issuu.com ddfbm2kt5ml6l.cloudfront.net cdn.soton.ac.uk cdn.southampton.ac.uk corporate.wordpress.soton.ac.uk blog.soton.ac.uk; script-src 'self' 'unsafe-inline' 'unsafe-eval' code.jquery.com www.googleadservices.com www.googletagmanager.com *.google-analytics.com connect.facebook.net static.ads-twitter.com j.flxpxl.com hj.flxpxl.com d2hlpp31teaww3.cloudfront.net d1d7fjtb6d4i2m.cloudfront.net analytics.twitter.com ib.adnxs.com www.intelliworkschat.com access.ecs.soton.ac.uk *.atbar.org www.youtube.com s.ytimg.com *.issuu.com ddfbm2kt5ml6l.cloudfront.net cdn.soton.ac.uk cdn.southampton.ac.uk stats.wp.com soton.disqus.com stats.wp.com corporate.wordpress.soton.ac.uk blog.soton.ac.uk s0.wp.com use.typekit.net connect.facebook.com platform.twitter.com; font-src 'self' data: ddfbm2kt5ml6l.cloudfront.net cdn.soton.ac.uk cdn.southampton.ac.uk use.typekit.net; img-src data: 'self' www.southampton.ac.uk cdn.soton.ac.uk cdn.southampton.ac.uk t.co mpp2.vindicosuite.com *.google-analytics.com *.facebook.com pixel.adsafeprotected.com *.doubleclick.net www.google.com www.google.co.uk *.atbar.org *.issuu.com image.isu.pub www.intelliworkschat.com pixel.wp.com blog.soton.ac.uk platform.twitter.com pbs.twimg.com syndication.twitter.com p.typekit.net d1d7fjtb6d4i2m.cloudfront.net; frame-src 'self' www.google.com www.google.co.uk www.youtube.com *.issuu.com ddfbm2kt5ml6l.cloudfront.net cdn.soton.ac.uk cdn.southampton.ac.uk; child-src 'self' www.google.com www.google.co.uk www.youtube.com *.issuu.com ddfbm2kt5ml6l.cloudfront.net cdn.soton.ac.uk cdn.southampton.ac.uk; 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://trlhvadgdetff1t0lc6gw4oo.httpschecker.net/report 1
script-src https://static.pizza.de/ *.pizza.de https://*.salesforceliveagent.com https://pizzadeinfo.wpengine.com *.newrelic.com bam.nr-data.net https://browser-update.org https://www.googletagmanager.com https://www.google-analytics.com https://tracker.marinsm.com *.googleapis.com *.tvsquared.com https://medusa-sdk-dot-dh-bigdata.appspot.com https://medusa-sdk-dot-dh-bigdata-test.appspot.com https://medusa-dot-dh-bigdata.appspot.com https://medusa-dot-dh-bigdata-test.appspot.com https://api.usersnap.com https://static.hotjar.com *.cloudfront.net/js/ https://*.facebook.net https://*.criteo.net https://*.criteo.com https://amplify.outbrain.com https://www.googleadservices.com https://www.google.com/ads/ https://www.google.de/ads/ https://ad.atdmt.com https://js.adsrvr.org https://resources.host.bannerflow.com https://js.appboycdn.com https://dmp.theadex.com https://bat.bing.com/ https://*.doubleclick.net https://www.dwin1.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src https://static.pizza.de/ *.pizza.de 'self' 'unsafe-inline'; img-src https://static.pizza.de/ data: *.pizza.de *.deliveryhero.io *.marinsm.com https://www.facebook.com https://*.tvsquared.com https://*.doubleclick.net https://www.google-analytics.com https://www.google.com/ads/ https://www.google.de/ads/ https://*.gstatic.com https://*.googleapis.com https://www.googleadservices.com https://*.googleusercontent.com https://insight.adsrvr.org https://dmp.theadex.com https://amplifypixel.outbrain.com https://tr.outbrain.com https://www.awin1.com 'self'; connect-src https://static.pizza.de/ *.pizza.de *.newrelic.com bam.nr-data.net *.googleapis.com *.marinsm.com *.facebook.com https://medusa-dot-dh-bigdata.appspot.com https://medusa-dot-dh-bigdata.appspot.com https://medusa-dot-dh-bigdata-test.appspot.com https://medusa-sdk-dot-dh-bigdata.appspot.com https://medusa-sdk-dot-dh-bigdata-test.appspot.com https://dev.appboy.com 'self'; font-src https://static.pizza.de/ data: *.pizza.de 'self'; object-src 'none'; frame-ancestors 'none'; report-uri /log 1
default-src 'self' cas.avalon.perfdrive.com *.meilleursagents.com *.meilleursagents.vm *.meilleursagents.org *.meilleursagents.tech; frame-src 'self' blob: www.facebook.com connect.facebook.net www.google.com www.googletagmanager.com www.empruntis.com player.vimeo.com *.meilleursagents.com *.meilleursagents.vm *.meilleursagents.org *.meilleursagents.tech; img-src data: blob: www.google.com www.googletagmanager.com www.google.fr www.google-analytics.com stats.g.doubleclick.net www.facebook.com gl.hostcg.com api.mapbox.com static.intercomassets.com maps.googleapis.com maps.gstatic.com *.meilleursagents.com *.meilleursagents.vm *.meilleursagents.org *.meilleursagents.tech; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.meilleursagents.com *.meilleursagents.vm *.meilleursagents.org *.meilleursagents.tech; child-src blob:; media-src *.meilleursagents.com *.meilleursagents.vm *.meilleursagents.org *.meilleursagents.tech; script-src 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com/ajax/libs/rollbar.js/ cdn.polyfill.io www.google-analytics.com maps.googleapis.com www.gstatic.com www.google.com www.googletagmanager.com connect.facebook.net *.realytics.io cdn-eu.realytics.net gl.hostcg.com actorssl-5637.kxcdn.com js-agent.newrelic.com bam.nr-data.net *.perfdrive.com *.algolia.net *.algolianet.com widget.intercom.io js.intercomcdn.com www.fullstory.com d3js.org code.highcharts.com/highcharts.js *.meilleursagents.com *.meilleursagents.vm *.meilleursagents.org *.meilleursagents.tech; connect-src 'self' api.realytics.io m.realytics.io api.rollbar.com *.mapbox.com tile.meilleursagents.com stats.g.doubleclick.net www.google-analytics.com bam.nr-data.net *.perfdrive.com rs.fullstory.com statcache-5637.kxcdn.com www.facebook.com *.algolia.net *.algolianet.com api-iam.intercom.io *.meilleursagents.com *.meilleursagents.vm *.meilleursagents.org *.meilleursagents.tech; font-src 'self' fonts.gstatic.com js.intercomcdn.com *.meilleursagents.com *.meilleursagents.vm *.meilleursagents.org *.meilleursagents.tech; worker-src blob:; report-uri /csp-report 1
default-src https: 'self'; connect-src https: wss: 'self'; font-src https: data: 'self'; frame-src https:; img-src https: data: 'self'; manifest-src https: 'self'; media-src https: 'self'; object-src none; script-src https: 'self' 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline' 'self'; upgrade-insecure-requests; report-uri https://csp.condenet.co.uk/r/gl/prod 1
default-src https:; script-src about: 'unsafe-inline' 'unsafe-eval' https:; img-src data: blob: https:; style-src 'unsafe-inline' https:; report-uri https://idcqa.report-uri.com/r/default/csp/reportOnly; 1
default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.com/ https://pagead2.googlesyndication.com/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.com https://apis.google.com https://accounts.google.com; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.com/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.com http://vk.com https://accounts.google.com/ 1
default-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:;style-src https: 'unsafe-inline';connect-src https:;frame-src https:;script-src 'unsafe-eval' 'unsafe-inline' https: blob: data:;font-src https: data:;img-src https: data:;media-src https: blob:; report-uri https://collector.schibsted.io/api/v1/csp/stavangeraftenblad/publishing/pro 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://sglaphdvmwtjgk6t1jgjr6jj.httpschecker.net/report 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=8ce67acd-4f76-4206-8233-f7f29bb9643f&version=34ffb8f2235021bdf63196a35d812040b87aaecd 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://uwlbopkkt1cuwmendw4wb47m.httpschecker.net/report 1
default-src https: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://rameez.report-uri.io/r/default/csp/reportOnly 1
default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http://*.files.wordpress.com wss://robbreport.com; report-uri https://pmcuri.report-uri.com/r/d/csp/reportOnly 1
default-src https:; img-src https: data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://www.preloved.co.uk/t/csp-report; 1
default-src https: blob: android-webview-video-poster: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://6lubylb0fb.execute-api.eu-west-1.amazonaws.com/prod/report 1
default-src 'self' bat.bing.com connect.facebook.net google.com googleapis.com gstatic.com hopwork.be hopwork.com hopwork.es hopwork.fr hopwork.it intercom.io platform.twitter.com snap.licdn.com themes.googleusercontent.com 'unsafe-inline' data: https: wss:;font-src 'self' bat.bing.com connect.facebook.net google.com googleapis.com gstatic.com hopwork.be hopwork.com hopwork.es hopwork.fr hopwork.it intercom.io platform.twitter.com snap.licdn.com themes.googleusercontent.com akamai.com cloudinary.com res.cloudinary.com data: https:;img-src 'self' bat.bing.com connect.facebook.net google.com googleapis.com gstatic.com hopwork.be hopwork.com hopwork.es hopwork.fr hopwork.it intercom.io platform.twitter.com snap.licdn.com themes.googleusercontent.com akamai.com cloudinary.com res.cloudinary.com data: https:;media-src 'self' bat.bing.com connect.facebook.net google.com googleapis.com gstatic.com hopwork.be hopwork.com hopwork.es hopwork.fr hopwork.it intercom.io platform.twitter.com snap.licdn.com themes.googleusercontent.com vimeo.com data: https:;script-src 'self' bat.bing.com connect.facebook.net google.com googleapis.com gstatic.com hopwork.be hopwork.com hopwork.es hopwork.fr hopwork.it intercom.io platform.twitter.com snap.licdn.com themes.googleusercontent.com 'unsafe-eval' 'unsafe-inline' https:;style-src 'self' bat.bing.com connect.facebook.net google.com googleapis.com gstatic.com hopwork.be hopwork.com hopwork.es hopwork.fr hopwork.it intercom.io platform.twitter.com snap.licdn.com themes.googleusercontent.com 'unsafe-inline' https:; report-uri /csp-violations; 1
default-src 'block-all-mixed-content'; report-uri https://www.trackwrestling.com/tw/CSPReporting 1
default-src data: https: 'unsafe-inline' 'unsafe-eval'; report-uri https://yukrxbzdbwbdljexbehbugsn.httpschecker.net/report; report-to https://yukrxbzdbwbdljexbehbugsn.httpschecker.net/report 1
default-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:;style-src https: 'unsafe-inline';connect-src https:;frame-src https:;script-src 'unsafe-eval' 'unsafe-inline' https: blob: data:;font-src https: data:;img-src https: data:;media-src https: blob:; report-uri https://collector.schibsted.io/api/v1/csp/faedrelandsvennen/publishing/pro 1
default-src https: 'unsafe-inline' 'unsafe-eval'; report-uri https://2775c0caf9a9331d0ee4fa5182731835.report-uri.com/r/d/csp/reportOnly 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=db24aa12-ae81-48b1-99e6-2ec9b68eedf6&version=34ffb8f2235021bdf63196a35d812040b87aaecd 1
default-src * ; script-src * data: 'self' blob blob: 'unsafe-eval' 'unsafe-inline' ; style-src * data: 'self' blob blob: 'unsafe-inline' ; img-src * data: ; font-src * data: ; connect-src * ; media-src * ; object-src * ; child-src * ; frame-src * ; worker-src * ; frame-ancestors * ; report-uri /bdportlet-NemIDLoginPortlet/cspreport; 1
default-src data: https: 'unsafe-inline' 'unsafe-eval'; report-uri https://fnjmuswxyulnlfgyosswe2a6.httpschecker.net/report; report-to https://fnjmuswxyulnlfgyosswe2a6.httpschecker.net/report 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://twvvmtwwpe9xa2juwe07meaa.httpschecker.net/report 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=a7c457a5-5a3d-4ffc-b90d-0e7dcf00505b&version=df507506fab90b586a0c098cfae7b9995f2450e7 1
connect-src 'self' wss://*.nestaway.com:* *.nestaway.com *.googleapis.com *.razorpay.com us-central1-production-nestaway.cloudfunctions.net www.facebook.com www.google-analytics.com *.mixpanel.com *.freshmarketer.com wss://*.freshmarketer.com cdnjs.cloudflare.com/ajax/libs/knockout/ www.google.com www.google.co.in *.doubleclick.net *.jquery.com *.mouseflow.com *.twitter.com *.qualaroo.com wss://*.qualaroo.com *.nr-data.net wss://*.nr-data.net hooks.zapier.com/hooks/catch/1199663/ wss://production-nestaway.firebaseio.com production-nestaway.firebaseio.com *.ucweb.com; frame-ancestors *.nestaway.com; manifest-src 'self' https://nestaway-assets.akamaized.net/; report-uri https://nestprod.report-uri.com/r/d/csp/reportOnly; 1
default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http://*.files.wordpress.com wss://footwearnews.com; report-uri https://pmcuri.report-uri.com/r/d/csp/reportOnly 1
default-src 'self' https: data:; base-uri 'self'; connect-src https: wss:; font-src 'self' data: https:; img-src https: data: blob:; media-src https: data: blob:; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://bellroycom.report-uri.com/r/d/csp/reportOnly 1
upgrade-insecure-requests; block-all-mixed-content; report-uri https://diyaudioreport.report-uri.com/r/d/csp/reportonly 1
default-src data: https: 'unsafe-inline' 'unsafe-eval'; report-uri https://kmnb9njjp1xgm16brnc7t488.httpschecker.net/report; report-to https://kmnb9njjp1xgm16brnc7t488.httpschecker.net/report 1
default-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval' *.adobedtm.com *.amazon-adsystem.com *.appdemostore.com *.atdmt.com *.avocet.io *.blubrry.com *.clicktale.net *.doubleclick.net *.everesttech.net *.facebook.com *.facebook.net *.fca.org.uk *.google.co.uk *.google.com *.google.ie *.googleadservices.com *.jwpcdn.com *.liveperson.net *.linkedin.com *.lpsnmedia.net *.neolane.net *.omguk.com *.omtrdc.net *.pinimg.com *.pinterest.com *.snapchat.com *.ulsterbank.ie *.ulsterbank.com *.ulsterbankanytimebanking.ie *.userzoom.com *.youtube.com *.ytimg.com dpm.demdex.net jwpltx.com rbs.demdex.net; upgrade-insecure-requests; block-all-mixed-content; report-uri https://ulsterbankroi.report-uri.com/r/t/csp/reportOnly 1
default-src 'self' https: 'unsafe-inline' data: 'unsafe-eval'; report-uri https://servix.idnes.cz/log/csp-report.aspx?w=emimino 1
default-src 'none'; script-src 'self' 'report-sample' https://cdn.innocraft.cloud https://www.youtube.com https://connect.facebook.net; style-src 'self' 'unsafe-inline' 'report-sample'; img-src 'self' data: https://thecorrespondent.innocraft.cloud https://i.ytimg.com; font-src 'self'; connect-src 'self' https://campaign.thecorrespondent.com https://thecorrespondent.innocraft.cloud https://sentry.io; media-src 'self'; child-src https://youtube.com https://www.youtube.com https://player.vimeo.com https://staticxx.facebook.com https://platform.twitter.com https://media.mtvnservices.com; frame-src https://youtube.com https://www.youtube.com https://player.vimeo.com https://staticxx.facebook.com https://platform.twitter.com https://media.mtvnservices.com; manifest-src 'self'; frame-ancestors 'none'; form-action 'self'; base-uri 'self'; report-uri https://correspondent.report-uri.com/r/d/csp/reportOnly; block-all-mixed-content 1
script-src https://www.zavvi.com https://m.zavvi.com 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/ https://fp.zenaps.com https://pagead2.googlesyndication.com https://securepubads.g.doubleclick.net; report-uri https://www.zavvi.com/cspReport.txt; 1
default-src https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://voicethread.com https://prod-cdn.voicethread.com https://prod-transcode.voicethread.com www.google-analytics.com *.typekit.net *.litix.io ajax.googleapis.com www.google.com www.gstatic.com fast.wistia.com fast.wistia.net *.wistia.com *.wistia.com form.jotform.com cdn.jotfor.ms secure.jotformpro.com submit.jotformpro.com;style-src 'self' 'unsafe-inline' https://voicethread.com https://prod-cdn.voicethread.com https://prod-transcode.voicethread.com fonts.googleapis.com;child-src 'self' https://voicethread.com submit.jotformpro.com https://*.facebook.com player.vimeo.com www.google.com fast.wistia.com fast.wistia.net *.wistia.com player.vimeo.com;connect-src 'self' https://voicethread.com https://prod-cdn.voicethread.com https://prod-transcode.voicethread.com performance.typekit.net submit.jotformpro.com *.akamaihd.net *.litix.io *.wistia.com *.litix.io;font-src 'self'  https://voicethread.com https://prod-cdn.voicethread.com https://prod-transcode.voicethread.com use.typekit.net fonts.gstatic.com fonts.googleapis.com;form-action 'self'  https://voicethread.com submit.jotformpro.com;frame-ancestors none ;img-src 'self' https://voicethread.com https://prod-cdn.voicethread.com https://prod-transcode.voicethread.com docs.google.com *.googleusercontent.com www.google-analytics.com https://*.facebook.com p.typekit.net stats.g.doubleclick.net *.litix.io *.akamaihd.net fast.wistia.com embed.wistia.com embedwistia-a.akamaihd.net events.jotform.com cdn.jotfor.ms;media-src 'self' https://voicethread.com https://prod-cdn.voicethread.com https://prod-transcode.voicethread.com embed.wistia.com embedwistia-a.akamaihd.net;object-src 'self' https://prod-cdn.voicethread.com;report-uri /csp_report/; 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=81861099-9a3b-4761-a450-8e1fce2b02ee&version=abdcaa3df793750c2e75b294132b15b38b8f8b08 1
default-src * 'unsafe-inline' 'unsafe-eval'; report-uri https://fls-na.amazon.com/1/batch/2/OE/mid=AF2M0KC94RCEA:sid=146-5359251-5789355:rid=P3ENQKBY4CRZK8DD3C19:sn=www.audible.com 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://n0vbtrtowdtlrumemsosleh3.httpschecker.net/report 1
default-src * 'unsafe-inline' 'unsafe-eval'; report-uri https://fls-na.amazon.com/1/batch/2/OE/mid=AF2M0KC94RCEA:sid=146-1717979-8370930:rid=GC511WX9FQNNA4503J7T:sn=www.audible.com 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://mslrbgjmvzkonpqcwkhc51ma.httpschecker.net/report 1
script-src https://www.myprotein.it https://m.myprotein.it 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.myprotein.it/cspReport.txt; 1
default-src 'unsafe-inline' 'unsafe-eval' data: https:; report-uri https://sentry.alboweb.nl/api/90/csp-report/?sentry_key=50677694228d4eb4befdcf33b750247d; 1
default-src 'self' https://www.epay.bg https://online.epay.bg 'unsafe-inline' ; img-src 'self' data: https://www.epay.bg https://online.epay.bg ; frame-src https: ; report-uri https://www.epay.bg/csp 1
default-src 'self' *.ccavenue.com *.fonepaisa.com view.officeapps.live.com www.google.com netdna.bootstrapcdn.com; connect-src 'self' *.elitmus.com *.elitmus.net *.google-analytics.com wss:; font-src 'self' cdn.jsdelivr.net fonts.gstatic.com netdna.bootstrapcdn.com https: data:; img-src 'self' cdn0.elitmus.net *.amazonaws.com data: https: www.google.com *.google-analytics.com; object-src 'self' *.amazonaws.com; script-src 'self' 'unsafe-inline' cdn0.elitmus.net google-analytics.com cdn.jsdelivr.net/bootstrap.daterangepicker/2/daterangepicker.js cdn.jsdelivr.net/momentjs/latest/moment.min.js https: data:; style-src 'self' 'unsafe-inline' cdn0.elitmus.net netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.css cdn.jsdelivr.net/bootstrap/3/css/bootstrap.css cdn.jsdelivr.net/bootstrap.daterangepicker/2/daterangepicker.css https:; report-uri /csp_reports 1
default-src 'self' 'unsafe-inline' https://api.timekit.io https://*.doubleclick.net https://*.hotjar.com wss://*.hotjar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.facebook.net https://*.facebook.com https://www.gstatic.com https://www.google.com https://*.google-analytics.com https://*.doubleclick.net https://*.siftscience.com https://*.livechatinc.com https://*.hotjar.com wss://*.hotjar.com https://*.wavecrest.gi https://*.apiary.io https://*.ads-twitter.com https://*.twitter.com; style-src 'self' 'unsafe-inline' https://www.gstatic.com; img-src * data:; frame-src 'self' https:; font-src 'self' data: https://*.livechatinc.com https://fonts.gstatic.com https://themes.googleusercontent.com https://fonts.googleapis.com 1
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline';style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report 1
report-uri https://r4com.report-uri.io/r/default/csp/reportOnly 1
default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:; worker-src https: data: blob:; font-src https: data:; report-uri https://psi.pixum.com/?ns=content-security-policy&service=base&module=status&action=log&sessionId=59cd773fd0bf9cb99c93171909884f2291a84fe8 1
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; report-uri /csp-report/ 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://mscdktzjnxl9arryaodfz8ru.httpschecker.net/report 1
default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https:; report-uri https://usercontent.mobileread.org/csp-report 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://bvnux2bdnmvrbyg5ptbbmxge.httpschecker.net/report 1
default-src 'self' 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.appdynamics.com col.eum-appdynamics.com fonts.gstatic.com ajax.googleapis.com www.googleapis.com fonts.googleapis.com use.fontawesome.com www.w3schools.com home.textkernel.nl staging.textkernel.nl www.dropbox.com apis.google.com www.google.com html5shim.googlecode.com media.readspeaker.com s7.addthis.com d2sl310zdnr3q6.cloudfront.net www.google-analytics.com https://apps.knollenstein.com https://appsdev.knollenstein.com font.visma.com *.easycruit.com m.addthis.com api-public.addthis.com flowanalytic.site networkanalytics.xyz knowledge-and-support-center.visma.net m.addthisedge.com apply.indeed.com content.googleapis.com commondatastorage.googleapis.com themes.googleusercontent.com www.googletagmanager.com fast.fonts.net db.onlinewebfonts.com hello.myfonts.net cdnjs.cloudflare.com d1fc8wv8zag5ca.cloudfront.net connect.facebook.net emea3.recruitmentplatform.com tag.goldenbees.fr s.ytimg.com www.findizer.fr webfonts.zohostatic.com platform.linkedin.com zgao.nl; img-src * 'unsafe-inline' 'unsafe-eval'; report-uri /ajax/logging/log_csp_report 1
upgrade-insecure-requests; 1
default-src https: blob: wss://*.zopim.com 'unsafe-inline' 'unsafe-eval' wss://*.flightcentre.com.au:*; frame-ancestors *.calypso.net.au *.flightcentre.com.au; report-uri /api/csp_report; img-src https: blob: data:; font-src https: blob: data:; 1
frame-ancestors 'self'; report-uri https://accounts.humanity.com/reportcsp.php 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=2466bb33-cdbe-4e04-bc51-20f9f68da02c&version=abdcaa3df793750c2e75b294132b15b38b8f8b08 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://m3knwt5xlxrylde4mnk41bfp.httpschecker.net/report 1
default-src 'self' https:; child-src 'self' https: data:; connect-src 'self' https: wss:; font-src 'self' https: data:; img-src 'self' https: data:; media-src 'self' https: data:; object-src 'self' https:; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp-report?source%5Baction%5D=index&source%5Bapp%5D=Brochure&source%5Bcontroller%5D=home&source%5Bdomain%5D=www.shopify.in&source%5Bsection%5D=brochure&source%5Buuid%5D=9ab6f690193c293779cd455f1122d9a6 1
script-src https://www.mybag.com https://m.mybag.com 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/ https://dyn-beacon.akamaized.net https://fp.zenaps.com; report-uri https://www.mybag.com/cspReport.txt; 1
default-src https:; script-src https: data: blob:; object-src https:; style-src https: blob:; img-src https: blob: data: http://ad.doubleclick.net; media-src https: data:; frame-src https: data: instagram:; child-src https: data: instagram:; font-src https: data:; connect-src https: wss: blob:; report-uri https://virginstage.report-uri.com/r/d/csp/reportOnly 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://hmevpmarfjznuepmmdkai0ym.httpschecker.net/report 1
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https:; report-uri /csp-report 1
default-src 'none'; img-src 'self' data: www.gstatic.com ssl.google-analytics.com www.google-analytics.com cdn.paddle.com v2.zopim.com; media-src v2.zopim.com; object-src 'none'; worker-src 'none'; style-src 'self' 'unsafe-inline' cdn.paddle.com; font-src 'self' data: v2.zopim.com; script-src 'unsafe-inline' 'self' d31j93rd8oukbv.cloudfront.net ssl.google-analytics.com www.google.com www.gstatic.com cdn.paddle.com checkout.paddle.com v2.zopim.com *.zdassets.com; frame-src www.google.com checkout.paddle.com; connect-src 'self' d31j93rd8oukbv.cloudfront.net ssl.google-analytics.com analytics.paddle.com browsec.zendesk.com wss://*.zopim.com https://*.zdassets.com; frame-ancestors 'none'; report-uri /api/v1/reports; 1
object-src data: 'self' *.yeloplay.be *.telenet-ops.be; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.telenet.be *.yeloplay.be *.telenet-ops.be; img-src data: 'unsafe-inline' 'self' *.telenet.be *.yeloplay.be *.telenet-ops.be; style-src 'self' 'unsafe-inline'; media-src data: blob: 'self' *.telenet.be *.yeloplay.be *.telenet-ops.be; plugin-types application/silverlight application/x-silverlight; report-uri /report-violation 1
default-src data: blob: https: gap: gap-iab: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://dailyvoice.report-uri.com/r/d/csp/reportOnly 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://vwtjtrxk3sfdp0kvpob5s8gb.httpschecker.net/report 1
default-src https: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.adelphi.edu/_logger/csp.php?host=www.adelphi.edu 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=7c6b9f8b-5f71-4a9d-a6ca-fddfb591c70b&version=bed484b9453afae159e3860b6f6fcb303ba7ac22 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=6e429fb2-0a3b-4384-917d-8740a0d90b6d&version=df507506fab90b586a0c098cfae7b9995f2450e7 1
default-src 'none';base-uri 'self';connect-src 'self' https://ssl.google-analytics.com https://stats.g.doubleclick.net https://plus.browsealoud.com https://babm.texthelp.com/ https://*.speechstream.net;form-action 'self';manifest-src 'self';font-src 'self' https://fonts.gstatic.com;child-src https://www.youtube-nocookie.com;frame-src https://www.youtube-nocookie.com;img-src 'self' data: https://img.youtube.com/vi/ https://ssl.google-analytics.com https://www.google-analytics.com https://stats.g.doubleclick.net https://maps.gstatic.com https://maps.googleapis.com https://plus.browsealoud.com;media-src 'self';object-src 'self';script-src 'self' https://ssl.google-analytics.com https://www.google-analytics.com 'sha256-vzghAkP9x6OP0Dv9ybmabTkAYNfDQFlPUMG5MHgEFTA=' https://maps.googleapis.com https://www.browsealoud.com https://plus.browsealoud.com;style-src 'self' https://fonts.googleapis.com https://plus.browsealoud.com;report-uri /api/CspReport/Index 1
default-src https://www.googletagmanager.com https://cdn.heapanalytics.com https://www.google-analytics.com/analytics.js https://* 'self' 'unsafe-inline' 'unsafe-eval' http://fast.fonts.com https://demusnq8ggs2.cloudfront.net; connect-src https://www.googletagmanager.com https://cdn.heapanalytics.com https://www.google-analytics.com/analytics.js https://* 'self' 'unsafe-inline' 'unsafe-eval' http://fast.fonts.com https://demusnq8ggs2.cloudfront.net; font-src 'self' https://www.googletagmanager.com https://cdn.heapanalytics.com https://www.google-analytics.com/analytics.js https://* data:; frame-src https://www.googletagmanager.com https://cdn.heapanalytics.com https://www.google-analytics.com/analytics.js https://* http://*.twimg.com http://itunes.apple.com; img-src https://www.googletagmanager.com https://cdn.heapanalytics.com https://www.google-analytics.com/analytics.js https://* data:; media-src https://www.googletagmanager.com https://cdn.heapanalytics.com https://www.google-analytics.com/analytics.js https://* 'self' 'unsafe-inline' 'unsafe-eval' http://fast.fonts.com https://demusnq8ggs2.cloudfront.net; object-src https://www.googletagmanager.com https://cdn.heapanalytics.com https://www.google-analytics.com/analytics.js https://* 'self' 'unsafe-inline' 'unsafe-eval' http://fast.fonts.com https://demusnq8ggs2.cloudfront.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://cdn.heapanalytics.com https://www.google-analytics.com/analytics.js https://db14a374o5s8l.cloudfront.net; style-src 'self' 'unsafe-inline' https://www.googletagmanager.com https://cdn.heapanalytics.com https://www.google-analytics.com/analytics.js https://*; 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://utdrvvtzkqpmtlszwunimosi.httpschecker.net/report 1
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' analytics.majesticseo.com analytics.majestic.com info.majestic.com https://www.googletagmanager.com www.google-analytics.com https://www.googleadservices.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;style-src 'self' 'unsafe-inline';img-src 'self' data: https:;font-src 'none';object-src 'none';media-src 'none';frame-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/;child-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/;frame-ancestors 'none';report-uri /csp/report 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://vmsja0oh0tpvhprbwa4e32f4.httpschecker.net/report 1
default-src data: https: 'unsafe-inline' 'unsafe-eval'; report-uri https://hmjutoyqavvmmwvervd4qy5v.httpschecker.net/report; report-to https://hmjutoyqavvmmwvervd4qy5v.httpschecker.net/report 1
child-src 'self' blob:		https://www.google.com/recaptcha/		maps.google.com		www.googletagmanager.com		player.vimeo.com		www.hirebridge.com	;	connect-src 'self'		*.caymanchem.com	;	font-src 'self'		cdnjs.cloudflare.com		maxcdn.bootstrapcdn.com	;	img-src 'self' data:		 *.caymanchem.com		stats.g.doubleclick.net		www.google-analytics.com	;	media-src 'self'		vimeo.com	;	script-src 'self' 'unsafe-eval' 'unsafe-inline'		*.caymanchem.com		ajax.googleapis.com		cdn.datatables.net		cdnjs.cloudflare.com		cdn.jsdeliver.net		code.jquery.com		https://www.google.com/jsapi		https://www.google.com/recaptcha/api.js		https://www.google.com/uds/		https://www.googletagmanager.com/gtm.js		maxcdn.bootstrapcdn.com		use.fontawesome.com		vimeo.com		www.google-analytics.com		www.googletagmanager.com		www.gstatic.com	;	style-src 'self' 'unsafe-inline'		https://ajax.googleapis.com/		https://www.google.com/uds/		cdn.datatables.net		maxcdn.bootstrapcdn.com	;	default-src 'self' blob:	; 1
frame-ancestors https://*.prace.cz https://my.teamio.com https://*.facebook.com https://*.jobs.cz https://*.topjobs.sk; report-uri /csp-reports/ 1
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.sportpursuit.info https://www.sportpursuit.com https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js https://www.googletagmanager.com/gtm.js https://static-eu.payments-amazon.com https://www.google-analytics.com https://m.sportpursuit.com https://payments.amazon.co.uk https://connect.facebook.net https://www.sc.pages05.net https://payments.amazon.co.uk https://payments.amazon.de https://*.amazon.com https://*.olark.com https://platform.twitter.com https://widget.trustpilot.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://live.adyen.com https://maps.googleapis.com https://js.braintreegateway.com https://www.paypalobjects.com https://assets.adobedtm.com https://*.dcmn.io https://*.googlesyndication.com; style-src 'self' 'unsafe-inline' https://*.sportpursuit.info https://www.sportpursuit.com https://fonts.googleapis.com https://static.olark.com; img-src 'self' 'unsafe-inline' data: https:;  connect-src 'self' https://raven.sportpursuit.com https://capture.trackjs.com https://payments.amazon.co.uk https://*.amazon.com https://payments.amazon.de https://coin-eu.amazonpay.com https://www.google-analytics.com https://nrpc.olark.com https://dpm.demdex.net https://connect.facebook.net https://*.facebook.com https://*.doubleclick.net https://*.google.com https://m.sportpursuit.com; font-src 'self' https://*.sportpursuit.info https://www.sportpursuit.com https://fonts.gstatic.com https://widgets.trustedshops.com data:; frame-src 'self' https://www.googletagmanager.com https://staticxx.facebook.com https://www.facebook.com https://static.olark.com https://platform.twitter.com https://syndication.twitter.com https://www.youtube.com https://widget.trustpilot.com https://player.vimeo.com https://payments.amazon.co.uk https://assets.braintreegateway.com https://*.paypal.com https://discovery.demdex.net https://*.doubleclick.net https://*.dcmn.io https://ssl.kaptcha.com https://*.googlesyndication.com; object-src 'self'; media-src 'self' https://*.sportpursuit.info https://www.sportpursuit.com https://static.olark.com; form-action 'self' https://platform.twitter.com https://syndication.twitter.com https://payments.amazon.co.uk https://www.facebook.com; frame-ancestors 'self'; report-uri https://raven.sportpursuit.com/api/v2.0.0/status/csp/ 1
img-src https: data:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'; 1
connect-src 'self' logx.optimizely.com *.optimizely.com *.maginfrastructure.com *.hotjar.com www.google-analytics.com capture.trackjs.com www.facebook.com stats.g.doubleclick.net *.holidayextras.co.uk;frame-src *.optimizely.com *.fls.doubleclick.net vars.hotjar.com www.googletagmanager.com www.facebook.com www.thetrainline.com www.google.com;img-src 'self' cdn.optimizely.com assets.live.web.maginfrastructure.com live-webadmin-media.s3.amazonaws.com test-webadmin-media.s3.amazonaws.com s3-eu-west-1.amazonaws.com www.google-analytics.com nova.collect.igodigital.com www.facebook.com usage.trackjs.com p.typekit.net mag-retail-media-live.s3.amazonaws.com bat.bing.com pixel.quantserve.com *.g.doubleclick.net t.co www.google.com www.google.co.uk *.cpx.to *.adnxs.com *.avocet.io p.travelsmarter.net;script-src 'self' 'unsafe-inline' 'unsafe-eval' data: cdn.optimizely.com https://www.googletagmanager.com www.googletagservices.com www.google-analytics.com www.google.com cdn.trackjs.com static.hotjar.com script.hotjar.com 10959453.collect.igodigital.com/collect.js cdn3.optimizely.com connect.facebook.net tag.yieldoptimizer.com use.typekit.net inpref.s3.amazonaws.com securepubads.g.doubleclick.net platform.twitter.com *.cpx.to rules.quantcount.com static.ads-twitter.com analytics.twitter.com www.gstatic.com adservice.google.co.uk adservice.google.com secure.quantserve.com bat.bing.com *.doubleclick.net www.googleadservices.com 'nonce-2T9NWmPJlIG63Pj5ZiCLuJF6JkXTQjx9';style-src 'self' 'unsafe-inline' static.tacdn.com data:; report-uri https://webevo.report-uri.com/r/d/csp/reportOnly 1
default-src 'self'; font-src 'self' data:; img-src 'self' data: *; report-uri /csp_reports?report_only=true; script-src 'self' www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net stats.g.doubleclick.net translate.googleapis.com translate.google.com www.google.com 'nonce-0iLzXjfd+xH/uXmavcrESw=='; connect-src 'self' js.maxmind.com www.google-analytics.com stats.g.doubleclick.net googleads.g.doubleclick.net translate.googleapis.com www.google.com; frame-src 'self' www.google.com bid.g.doubleclick.net; style-src 'self' 'unsafe-inline' translate.googleapis.com 1
default-src https: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://dev-ssl.loseit.com/_ops/csp-report 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=5de1f4ce-8a4c-47f4-8958-422f643cf93d&version=df507506fab90b586a0c098cfae7b9995f2450e7 1
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.twitter.com *.outbrain.com bam.nr-data.net bat.bing.com *.taboola.com *.facebook.net *.facebook.com *.visualwebsiteoptimizer.com *.doubleclick.net *.hubspot.com api.hubapi.com js.hs-analytics.net js.hsadspixel.net js.hs-scripts.com js.usemessages.com js.driftt.com *.yandex.ru svc.webspellchecker.net *.newrelic.com *.linkedin.com *.leadforensics.com *.bizographics.com *.outbrain.com gateway.zscloud.net www.google-analytics.com www.google.com www.google.ch www.google.ru www.google.co.in www.google.co.jp www.google.co.uk www.google.de www.google.com.sg www.google.com.pe www.google.co.th www.google.bg www.google.at https://www.google.es www.googleadservices.com www.googletagmanager.com *.gravatar.com; report-uri /csp-reports 1
default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https: *.go-mpulse.net apis.google.com assets.adobedtm.com *.cloudfront.net nxtck.com ssl.gstatic.com ws.sessioncam.com *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com googleads.g.doubleclick.net connect.facebook.net www.googleadservices.com adtm.spreadshirts.net *.spreadshirt.co.uk ; img-src 'self' data: https: image.spreadshirtmedia.net image.spreadshirtmedia.net *.gstatic.com rtb-csync.smartadserver.com pixel.rubiconproject.com pixel.advertising.com dsum-sec.casalemedia.com cotads.adscale.de www.google-analytics.com eu-u.openx.net ih.adscale.de *.akstat.io www.facebook.com dsum-sec.casalemedia.com ad.yieldlab.net secure.adnxs.com mapping.nxtck.com stats.g.doubleclick.net www.google.com www.google.de cm.g.doubleclick.net ads.yahoo.com sync.ligadx.com eb2.3lift.com s.sspqns.com x.bidswitch.net image2.pubmatic.com sync.outbrain.com nxtck.com sanalytics.spreadshirt.co.uk *.spreadshirt.co.uk ; connect-src 'self' https: *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com *.go-mpulse.net *.akstat.io/ *.spreadshirt.co.uk ; font-src 'self' https: *.spreadshirt.co.uk ; style-src 'self' data: 'unsafe-inline' https: *.spreadshirt.co.uk ; object-src 'none' ; frame-src 'self' https: www.google.com accounts.google.com *.spreadshirt.co.uk ; report-uri https://sprd.report-uri.com/r/t/csp/reportOnly ; 1
script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.hs-growth-metrics.com https://*.usemessages.com https://*.hsadspixel.net https://*.hubapi.com https://seal.verisign.com/ https://cdn.datatables.net https://js.hscta.net https://forms.hsforms.com https://code.jquery.com https://*.greenhouse.io https://*.fontawesome.com https://*.googletagmanager.com https://*.newrelic.com https://*.nr-data.net https://*.swiftype.com https://*.outbrain.com https://*.digicert.com https://*.polyfill.io https://*.swiftypecdn.com https://*.typekit.net  https://*.bootstrapcdn.com https://*.jsdelivr.net https://*.hsforms.net https://*.youtube-nocookie.com https://*.youtube.com  https://*.optimizely.com https://*.mxpnl.com https://*.cloudflare.com https://*.hsforms.net https://*.gstatic.com https://*.googleapis.com https://*.amazonaws.com https://*.mixpanel.com https://*.hs-scripts.com https://www.googleadservices.com https://*.rlcdn.com https://*.adroll.com https://*.openx.net https://*.adnxs.com https://*.bidswitch.net https://*.rubiconproject.com https://*.google.com https://*.gigya.com https://*.twitter.com https://*.ziggeo.com https://*.hubspot.com https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.hsleadflows.net https://*.hs-analytics.net https://*.linkedin.com https://*.yahoo.com https://*.google-analytics.com https://*.alooma.com https://*.bizographics.com https://*.crowdrise.com https://*.licdn.com; default-src 'self' 'unsafe-eval' 'unsafe-inline' https://* data:; connect-src https://*.crowdrise.com 'self' https://*.mixpanel.com https://*.hubapi.com https://*.hubspot.com https://*.alooma.com https://*.nr-data.net https://*.ziggeo.com https://*.twitter.com  https://*.optimizely.com https://*.doubleclick.net https://*.google-analytics.com https://*.typekit.net; report-uri https://28rqy7ini0.execute-api.us-west-1.amazonaws.com/prod 1
connect-src 'self' https://gatehub.net https://*.gatehub.net wss://*.gatehub.net wss://*.ripple.com https://id.ripple.com https://history.ripple.com:7443 https://api.ripplecharts.com https://data.ripple.com https://*.zendesk.com https://ekr.zdassets.com https://www.google-analytics.com https://api.gastracker.io https://api.blockcypher.com https://api.etherscan.io https://sentry.io; default-src 'self' https://gatehub.net; font-src 'self' https://gatehub.net https://fonts.googleapis.com https://fonts.gstatic.com; frame-src 'self' https://gatehub.net https://*.gatehub.net https://www.google.com; img-src 'self' https://gatehub.net https://*.gatehub.net https://*.amazonaws.com https://www.google-analytics.com https://chart.googleapis.com https://stats.g.doubleclick.net https://ssl.gstatic.com blob: data:; media-src 'self' https://gatehub.net https://*.gatehub.net; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gatehub.net https://*.gatehub.net https://www.google-analytics.com https://www.google.com https://fonts.googleapis.com https://ajax.googleapis.com https://apis.google.com https://www.gstatic.com https://code.highcharts.com https://*.zendesk.com https://static.zdassets.com; style-src 'self' 'unsafe-inline' https://gatehub.net https://*.gatehub.net https://fonts.googleapis.com; report-uri https://b960aada6d33bb96f0f823104b1b3dde.report-uri.com/r/d/csp/reportOnly 1
default-src 'self' ; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://gateway.zscaler.net https://www.linkedin.com https://*.zopim.com https://c1.rfihub.net https://ajax.googleapis.com https://widgets.getsitecontrol.com/ https://v2.zopim.com/ https://cdn.optimizely.com https://static.ads-twitter.com www.google-analytics.com www.gstatic.com https://analytics.twitter.com https://*.hotjar.com https://ssl.google-analytics.com https://static.olark.com https://ssl.p.jwpcdn.com https://assets-jpcust.jwpsrv.com https://www.youtube.com https://s.ytimg.com https://www.google.com https://*.googleapis.com https://bat.bing.com ict.infinity-tracking.net https://t.wowanalytics.co.uk use.typekit.net https://www.google-analytics.com https://www.googleadservices.com https://www.googletagmanager.com https://www.gstatic.com https://connect.facebook.net https://platform.twitter.com https://s3.amazonaws.com https://services.postcodeanywhere.co.uk https://www.google.co.uk https://googleads.g.doubleclick.net https://snap.licdn.com/ http://t.wowanalytics.co.uk/ https://*.rfihub.com https://px.ads.linkedin.com/ https://dc.ads.linkedin.com https://www.google.co.in https://www.google.com.ph https://www.google.cn https://www.google.com.sa https://www.google.com.vn https://www.google.de https://www.google.co.id https://www.google.com.ph https://www.google.ie https://www.google.co.kr https://www.google.com.sa https://www.google.fr https://www.google.es https://www.google.ro https://www.google.co.jp https://www.google.bs https://www.google.com.sg; style-src 'self' data: 'unsafe-inline' https://static.olark.com *.googleapis.com use.typekit.net https://services.postcodeanywhere.co.uk https://maxcdn.bootstrapcdn.com https://www.gstatic.com; img-src * data: ; font-src 'self' data: https://webfonts.zohostatic.com http://fonts.gstatic.com https://www.clearplay.com/ https://maxcdn.bootstrapcdn.com https://v2.zopim.com/ https://fonts.typekit.net fonts.gstatic.com https://use.typekit.net http://fontface.ninja https://maxcdn.bootstrapcdn.com http://themes.googleusercontent.com; connect-src * 'self' wss://de06.zopim.com https://in.hotjar.com wss://ie06.zopim.com wss://*.zopim.com; frame-src 'self' https://tpc.googlesyndication.com https://gateway.zscloud.net https://www.googletagmanager.com https://players.brightcove.net https://player.vimeo.com https://vars.hotjar.com https://online.worldpay.com https://qad.eu.crossknowledge.com https://www.youtube.com https://connect.facebook.net https://bid.g.doubleclick.net https://vars.hotjar.com https://cdn.embedly.com https://www.facebook.com https://*.rfihub.com https://www.google.com https://vars.hotjar.com https://qad.eu.crossknowledge.com https://6662311.fls.doubleclick.net https://online.worldpay.com; worker-src 'self' data: https://vars.hotjar.com https://static.olark.com http://sdn.sitecore.net https://www.youtube.com https://players.brightcove.net https://qad.eu.crossknowledge.com https://www.google.com https://accounts.google.com https://www.googletagmanager.com https://bid.g.doubleclick.net https://www.facebook.com; frame-ancestors 'self' https://qad.eu.crossknowledge.com; report-uri https://3chillies.report-uri.io/r/default/csp/reportonly;  1
default-src https: 'self'; connect-src https: wss: 'self'; font-src https: data: 'self'; frame-src https:; img-src https: data: 'self'; manifest-src https: 'self'; media-src https: 'self'; object-src none; script-src https: 'self' 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline' 'self'; upgrade-insecure-requests; report-uri https://csp.condenet.co.uk/r/tr/prod 1
default-src 'none'; script-src 'self' 'unsafe-inline' https://*.ssl-images-amazon.com https://*.doubleverify.com https://*.amazon-adsystem.com https://www.googleapis.com https://s7.addthis.com https://m.addthisedge.com https://m.addthis.com https://rules.quantcount.com https://secure.quantserve.com https://ssl.google-analytics.com https://wms.assoc-amazon.com https://stats.g.doubleclick.net https://seal.geotrust.com https://www.google-analytics.com https://edge.quantserve.com https://ajax.googleapis.com; connect-src 'self' https://m.addthis.com; img-src 'self' https://resources.tidal.com https://dt.adsafeprotected.com https://*.moatads.com https://*.amazon-adsystem.com https://*.ssl-images-amazon.com https://i.ytimg.com https://s1.ticketm.net https://seal.geotrust.com https://ssl.google-analytics.com https://stats.g.doubleclick.net https://www.google-analytics.com http://img.besteveralbums.com http://albumart.besteveralbums.com https://pixel.quantserve.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline'; frame-src 'self' https://www.facebook.com https://widgets.itunes.apple.com https://s7.addthis.com https://*.doubleverify.com; 1
default-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; frame-src blob: *; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=a9a23e1b-9064-4747-adf8-91ea7964de3a&version=34ffb8f2235021bdf63196a35d812040b87aaecd 1
default-src axabank.be https://www.axabank.be https://home.axabank.be; style-src https://www.axabank.be axabank.be https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com 'unsafe-inline'; script-src https://platform.twitter.com https://hello.myfonts.net https://www.google-analytics.com https://www.facebook.com https://www.google.com https://www.googleadservices.com https://sjs.bizographics.com https://dc.ads.linkedin.com https://px.ads.linkedin.com https://connect.facebook.net https://snap.licdn.com https://googleads.g.doubleclick.net https://www.googletagmanager.com https://www.google.be https://maps.google.com https://maps.googleapis.com https://www.axabank.be https://home.axabank.be axabank.be https://code.jquery.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com https://ajax.googleapis.com 'unsafe-inline'; img-src 'self' data: https://syndication.twitter.com https://raw.githubusercontent.com https://maps.google.com https://www.axabank.be https://www.facebook.com https://secure.adnxs.com https://www.google.com https://www.google.be https://imp2.ads.linkedin.com https://stats.g.doubleclick.net https://www.google-analytics.com https://csi.gstatic.com https://maps.gstatic.com; font-src https://maxcdn.bootstrapcdn.com https://plugin.skedify.io https://www.prd.authoring.axabank.be http://www.axabank.be https://fonts.gstatic.com; frame-src https://www.facebook.com https://platform.twitter.com https://staticxx.facabook.com https://campaigns.axa.be https://www.axabank.be https://www.prd.authoring.axabank.be https://www.youtube.com http://5567266.fls.doubleclick.net; frame-ancestors https://axabank.be https://www.axabank.be https://home.axabank.be; connect-src https://www.axabank.be https://home.axabank.be https://esg.services.axa.be https://api.skedify.io 1
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src * 'unsafe-inline'; img-src *; media-src 'self'; frame-src *; font-src 'self'; connect-src * 'unsafe-inline'; report-uri /admin/config/system/seckit/csp-report 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-vU8eOGGW4nG99xo7rY27quEG2I'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http://*.files.wordpress.com wss://wwd.com; report-uri https://pmcuri.report-uri.com/r/d/csp/reportOnly 1
img-src 'self' https://media.forbiddenplanet.com https: data: www.gravatar.com tripadvisor.com unpkg.com openstreetmap.com *.tile.openstreetmap.com dyn0.media.forbiddenplanet.com dyn.media.forbiddenplanet.com www.googletagmanager.com www.googlecommerce.com www.google-analytics.com *.google.com *.googleapis.com *.gstatic.com *.facebook.com *.facebook.net *.instagram.com *.pinterest.com *.twitter.com *.twimg.com *.youtube.com *.youtu.be *.sagepay.com *.surveymonkey.com *.bootstrapcdn.com *.cloudfront.net *.akamaihd.net; font-src 'self' https://media.forbiddenplanet.com data: fonts.googleapis.com storage.googleapis.com fonts.gstatic.com themes.googleusercontent.com; script-src 'self' https://media.forbiddenplanet.com 'unsafe-inline' 'unsafe-eval' data: www.googletagmanager.com www.googlecommerce.com www.google-analytics.com *.google.com *.googleapis.com *.gstatic.com *.facebook.com *.facebook.net *.instagram.com *.pinterest.com *.twitter.com *.twimg.com *.youtube.com *.youtu.be *.sagepay.com *.surveymonkey.com *.bootstrapcdn.com *.cloudfront.net *.akamaihd.net; default-src 'self' https://media.forbiddenplanet.com 'unsafe-inline' 'unsafe-eval' data:; connect-src data: *.tile.openstreetmap.com *.googleapis.com *.instagram.com www.google-analytics.com unpkg.com *.pinterest.com *.bootstrapcdn.com *.twimg.com dyn0.media.forbiddenplanet.com https: https://media.forbiddenplanet.com fonts.gstatic.com *.youtu.be *.youtube.com dyn.media.forbiddenplanet.com *.facebook.com tripadvisor.com openstreetmap.com *.akamaihd.net 'self' *.surveymonkey.com *.google.com *.gstatic.com *.sagepay.com *.cloudfront.net storage.googleapis.com www.googlecommerce.com wss://forbiddenplanet.com www.gravatar.com fonts.googleapis.com themes.googleusercontent.com *.twitter.com *.facebook.net www.googletagmanager.com; style-src data: *.googleapis.com *.instagram.com www.google-analytics.com unpkg.com *.pinterest.com *.bootstrapcdn.com *.twimg.com https://media.forbiddenplanet.com fonts.gstatic.com *.youtu.be *.youtube.com *.facebook.com *.akamaihd.net 'self' *.surveymonkey.com 'unsafe-inline' *.google.com *.gstatic.com *.sagepay.com storage.googleapis.com *.cloudfront.net www.googlecommerce.com 'unsafe-eval' fonts.googleapis.com themes.googleusercontent.com *.twitter.com *.facebook.net www.googletagmanager.com; frame-src 'self' https://media.forbiddenplanet.com www.googletagmanager.com www.googlecommerce.com www.google-analytics.com *.google.com *.googleapis.com *.gstatic.com *.facebook.com *.facebook.net *.instagram.com *.pinterest.com *.twitter.com *.twimg.com *.youtube.com *.youtu.be *.sagepay.com *.surveymonkey.com *.bootstrapcdn.com *.cloudfront.net *.akamaihd.net data:; worker-src 'self' https://media.forbiddenplanet.com www.googletagmanager.com www.googlecommerce.com www.google-analytics.com *.google.com *.googleapis.com *.gstatic.com *.facebook.com *.facebook.net *.instagram.com *.pinterest.com *.twitter.com *.twimg.com *.youtube.com *.youtu.be *.sagepay.com *.surveymonkey.com *.bootstrapcdn.com *.cloudfront.net *.akamaihd.net data:; frame-ancestors 'self'; report-uri /@csp-report 1
child-src 'self' https://login.yahoo.net https://s.yimg.com https://s1.yimg.com;connect-src 'self' https://geo.yahoo.com https://pr.comet.yahoo.com https://ws.progrss.yahoo.com https://udc.yahoo.com;default-src 'self' https://s.yimg.com https://s1.yimg.com https://login.yahoo.net;font-src https://s.yimg.com https://s1.yimg.com;frame-src 'self' https://login.yahoo.net https://s.yimg.com https://s1.yimg.com;img-src 'self' data: https://yahoo.com https://ct.yimg.com https://s.yimg.com https://s1.yimg.com https://tw.yimg.com https://geo.yahoo.com https://socialprofiles.zenfs.com https://*.wc.yahoodns.net https://beap-bc.yahoo.com https://ws.progrss.yahoo.com https://log.fc.yahoo.com https://backyard.yahoo.com https://*.ah.yahoo.com https://pr-bh.ybp.yahoo.com https://fbcdn.net https://scontent.xx.fbcdn.net https://z-m-scontent.xx.fbcdn.net https://graph.facebook.com https://data.mail.yahoo.com https://sb.scorecardresearch.com;media-src https://*.ah.yahoo.com;report-uri https://csp.yahoo.com/beacon/csp?src=mbr_account;script-src 'self' 'unsafe-eval' https://s.yimg.com https://s1.yimg.com https://query.yahoo.com https://*.query.yahoo.com https://y.analytics.yahoo.com https://jsapi.login.yahoo.com https://fc.yahoo.com https://pr.comet.yahoo.com 'nonce-DeGVOCIRzPvsrApOy00t9CAuqKDaGM4YUfDigGgtg7v5X/GO' ;style-src * 'unsafe-inline' 1
default-src 'self'; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' exeter.edu *.cincopa.com  www.google-analytics.com cdn.ckeditor.com www.google.com cse.google.com www.googleapis.com www.googletagmanager.com support.ebscohost.com ajax.googleapis.com maxcdn.bootstrapcdn.com bam.nr-data.net js-agent.newrelic.com code.jquery.com www.youtube.com s.ytimg.com platform.instagram.com static.tagboard.com platform.twitter.com cdn.syndication.twimg.com calendar.exeter.edu; object-src 'self'; style-src 'self' 'unsafe-inline' exeter.edu *.cincopa.com cdn.ckeditor.com www.google.com platform.twitter.com; img-src 'self' data: *.cincopa.com cdn.ckeditor.com www.google.com cse.google.com www.google-analytics.com www.googleapis.com clients1.google.com syndication.twitter.com pbs.twimg.com; media-src 'self' ; frame-src www.google.com www.youtube.com player.vimeo.com *.exeter.edu cse.google.com www.googletagmanager.com www.instagram.com embeds.tagboard.com platform.twitter.com syndication.twitter.com youtube.com; font-src 'self' data: cincopa.com; connect-src 'self' *.cincopa.com www.google-analytics.com syndication.twitter.com; report-uri /admin/config/system/seckit/csp-report 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://mvoazvslzlsvbpoepe2o2a3g.httpschecker.net/report 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=998f1da8-4b96-4451-9729-2c2510a13cbf&version=abdcaa3df793750c2e75b294132b15b38b8f8b08 1
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: 'unsafe-inline' 'unsafe-eval' data:; report-uri https://www0mansion0review0jp.report-uri.com/r/d/csp/reportOnly; 1
script-src https://www.myprotein.es https://m.myprotein.es 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.myprotein.es/cspReport.txt; 1
img-src https: data: 'unsafe-inline' 'unsafe-eval'; default-src https: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.govexec.com/api/report-csp-error/ 1
script-src https://www.allsole.com https://m.allsole.com 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.allsole.com/cspReport.txt; 1
default-src https: 'unsafe-inline' 'unsafe-eval' wss://jobsv3.wort.lu/api/v1/sites/pt/latina/playlistUpdates; img-src https: data:; media-src https: blob:; font-src https: data:; report-uri https://www.wort.lu/report 1
default-src https://tpc.googlesyndication.com/safeframe/; connect-src 'self' https://n-cdn-origin.areyouahuman.com https://n-distil.areyouahuman.com https://*.doubleclick.net https://www.google-analytics.com https://csi.gstatic.com https://iccp-errorlogger.tmol.io https://iccp-errorlogger-aunz.tmol.io https://venue.tmol.co https://mapsapi.tmol.co https://ismds-intl.tmol.io; img-src * data:; style-src 'self' 'unsafe-inline'; font-src https://uk.tmconst.com; frame-src 'self' https://www.youtube.com https://www.google.com/recaptcha/ https://n-distil.areyouahuman.com https://plugin.monotote.com https://*.googlesyndication.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.ticketmaster.co.uk https://www.ticketmaster.ie https://www.ticketmaster.com.au https://www.ticketmaster.co.nz https://cdn.polyfill.io/v2/polyfill.min.js https://uk.tmconst.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.googletagmanager.com https://c.evidon.com https://www.google-analytics.com https://*.monetate.net https://adservice.google.co.uk https://*.doubleclick.net https://n-cdn-origin.areyouahuman.com https://n-distil.areyouahuman.com https://www.googletagservices.com https://adservice.google.com https://*.googlesyndication.com https://www.googleadservices.com https://*.collect.igodigital.com https://cdn.distiltag.com; frame-ancestors 'self'; report-uri https://iccp-errorlogger.tmol.io/api/reports 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-mjiJf61FB7YnxKQktFvDjCoOMU'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /i/csp-report 1
default-src 'self' oppenheimerfunds.com *.oppenheimerfunds.com oppenheimerfunds.net *.oppenheimerfunds.net ofiglobal.com *.ofiglobal.com *.addthis.com *.addthisedge.com *.brightcove.net *.brightcove.com *.demdex.net *.doubleclick.net *.idio.co *.facebook.net www.facebook.com/ *.google.com *.googletagmanager.com *.googlesyndication.com *.linkedin.com *.licdn.com *.morningstar.com ofi-digitalmedia-accentassets-prod-ue1.s3.amazonaws.com *.optimizely.com *.pulseinsights.com *.tealiumiq.com *.twitter.com *.ads-twitter.com *.zencdn.net blob: data:; base-uri 'self' oppenheimerfunds.com *.oppenheimerfunds.com oppenheimerfunds.net *.oppenheimerfunds.net ofiglobal.com *.ofiglobal.com; font-src 'self' oppenheimerfunds.com *.oppenheimerfunds.com oppenheimerfunds.net *.oppenheimerfunds.net ofiglobal.com *.ofiglobal.com *.gstatic.com data:; img-src 'self' oppenheimerfunds.com *.oppenheimerfunds.com oppenheimerfunds.net *.oppenheimerfunds.net ofiglobal.com *.ofiglobal.com *.akamaihd.net *.brightcove.com *.brightcove.net *.demdex.net *.doubleclick.net *.everesttech.net *.facebook.com *.googletagmanager.com *.googleapis.com *.googlesyndication.com *.gstatic.com *.idio.co t.co *.tealiumiq.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' oppenheimerfunds.com *.oppenheimerfunds.com oppenheimerfunds.net *.oppenheimerfunds.net ofiglobal.com *.ofiglobal.com *.addthis.com *.addthisedge.com *.brightcove.net *.brightcove.com *.doubleclick.net *.facebook.net *.gstatic.com *.google.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com *.idio.co *.licdn.com *.linkedin.com *.optimizely.com *.pulseinsights.com *.tiqcdn.com *.twitter.com *.ads-twitter.com *.zencdn.net blob: data:; style-src 'unsafe-inline' 'self' oppenheimerfunds.com *.oppenheimerfunds.com oppenheimerfunds.net *.oppenheimerfunds.net ofiglobal.com *.ofiglobal.com *.googleapis.com; report-uri https://5ff27446038fbaae5d149ddf2f968b84.report-uri.com/r/d/csp/reportOnly 1
default-src https: 'unsafe-inline' 'unsafe-eval'; report-uri https://9a2118122033a14511d655c2e61579c2.report-uri.com/r/d/csp/reportOnly 1
default-src 'self' *.splashmath.com d3ojqz9vsge2vl.cloudfront.net djq5eqy4vbh27.cloudfront.net d3h481cjl8b44w.cloudfront.net d1n5c9e0gk9gm5.cloudfront.net js-agent.newrelic.com bam.nr-data.net connect.facebook.net vars.hotjar.com platform.twitter.com bid.g.doubleclick.net; base-uri 'self'; block-all-mixed-content; child-src 'self' *.splashmath.com d3ojqz9vsge2vl.cloudfront.net djq5eqy4vbh27.cloudfront.net d3h481cjl8b44w.cloudfront.net d1n5c9e0gk9gm5.cloudfront.net js-agent.newrelic.com bam.nr-data.net connect.facebook.net vars.hotjar.com platform.twitter.com bid.g.doubleclick.net www.facebook.com accounts.google.com apis.google.com js.stripe.com syndication.twitter.com www.youtube.com; connect-src 'self' *.splashmath.com d3ojqz9vsge2vl.cloudfront.net djq5eqy4vbh27.cloudfront.net d3h481cjl8b44w.cloudfront.net d1n5c9e0gk9gm5.cloudfront.net js-agent.newrelic.com bam.nr-data.net connect.facebook.net vars.hotjar.com platform.twitter.com bid.g.doubleclick.net api.airbrake.io www.facebook.com in.hotjar.com wss://*.hotjar.com api.mixpanel.com api.stripe.com performance.typekit.net; font-src 'self' *.splashmath.com d3ojqz9vsge2vl.cloudfront.net djq5eqy4vbh27.cloudfront.net d3h481cjl8b44w.cloudfront.net d1n5c9e0gk9gm5.cloudfront.net js-agent.newrelic.com bam.nr-data.net connect.facebook.net vars.hotjar.com platform.twitter.com bid.g.doubleclick.net fonts.gstatic.com use.typekit.net fonts.typekit.net fonts.googleapis.com data: about:; frame-src 'self' *.splashmath.com d3ojqz9vsge2vl.cloudfront.net djq5eqy4vbh27.cloudfront.net d3h481cjl8b44w.cloudfront.net d1n5c9e0gk9gm5.cloudfront.net js-agent.newrelic.com bam.nr-data.net connect.facebook.net vars.hotjar.com platform.twitter.com bid.g.doubleclick.net www.facebook.com accounts.google.com apis.google.com js.stripe.com syndication.twitter.com www.youtube.com; img-src 'self' *.splashmath.com d3ojqz9vsge2vl.cloudfront.net djq5eqy4vbh27.cloudfront.net d3h481cjl8b44w.cloudfront.net d1n5c9e0gk9gm5.cloudfront.net js-agent.newrelic.com bam.nr-data.net connect.facebook.net vars.hotjar.com platform.twitter.com bid.g.doubleclick.net www.facebook.com www.google-analytics.com www.google.com www.google.co.in bat.bing.com q.stripe.com syndication.twitter.com p.typekit.net www.googleadservices.com googleads.g.doubleclick.net www.kidsafeseal.com cdn.mxpnl.com data: about:; script-src 'self' *.splashmath.com d3ojqz9vsge2vl.cloudfront.net djq5eqy4vbh27.cloudfront.net d3h481cjl8b44w.cloudfront.net d1n5c9e0gk9gm5.cloudfront.net js-agent.newrelic.com bam.nr-data.net connect.facebook.net vars.hotjar.com platform.twitter.com bid.g.doubleclick.net bat.bing.com www.googleadservices.com googleads.g.doubleclick.net www.googletagmanager.com script.hotjar.com static.hotjar.com by2.uservoice.com s7.addthis.com cdnjs.cloudflare.com cdn.ampproject.org dnn506yrbagrg.cloudfront.net html5shim.googlecode.com www.google-analytics.com apis.google.com code.jquery.com cdn.mxpnl.com cdn.optimizely.com js.stripe.com use.typekit.net widget.uservoice.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.splashmath.com d3ojqz9vsge2vl.cloudfront.net djq5eqy4vbh27.cloudfront.net d3h481cjl8b44w.cloudfront.net d1n5c9e0gk9gm5.cloudfront.net js-agent.newrelic.com bam.nr-data.net connect.facebook.net vars.hotjar.com platform.twitter.com bid.g.doubleclick.net fonts.gstatic.com use.typekit.net fonts.typekit.net fonts.googleapis.com 'unsafe-inline'; report-uri /csp-report 1
default-src * 'unsafe-inline' 'unsafe-eval'; report-uri https://fls-na.amazon.com/1/batch/2/OE/mid=AJO3FBRUE6J4S:sid=257-2902576-9181964:rid=2B4K5BS3QRK8565BA7YB:sn=www.audible.in 1
script-src https://www.growgorgeous.com https://m.growgorgeous.com 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.growgorgeous.com/cspReport.txt; 1
default-src https: 'unsafe-inline' 'unsafe-eval' data:;report-uri /error/cspreport 1
script-src https://www.myprotein.co.in https://m.myprotein.co.in 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.myprotein.co.in/cspReport.txt; 1
block-all-mixed-content; report-uri https://us3.nimblecommerce.com/csp-violation.action 1
script-src 'self' *.grabone.co.nz 'unsafe-inline' 'unsafe-eval' data: maps.googleapis.com ajax.googleapis.com www.googletagmanager.com tagmanager.google.com cdn.optimizely.com static.chartbeat.com js-agent.newrelic.com bam.nr-data.net www.google-analytics.com www.googleadservices.com tags.crwdcntrl.net secure-nz.imrworldwide.com static.criteo.net *.criteo.com web-sdk.urbanairship.com web-push-api.urbanairship.com storage.googleapis.com cdn.polyfill.io browser-update.org; style-src 'self' blob: *.grabone.co.nz 'unsafe-inline' tagmanager.google.com fonts.googleapis.com storage.googleapis.com; default-src web-push-api.urbanairship.com web-sdk.urbanairship.com bid.g.doubleclick.net *.criteo.com storage.googleapis.com blob: static.criteo.net *.grabone.co.nz data.apn.co.nz *.creativecdn.com 'self' data: secure-nz.imrworldwide.com www.youtube.com bcp.crwdcntrl.net; img-src 'self' data: *.grabone.co.nz *.cdn.grabone.com maps.googleapis.com ping.chartbeat.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.doubleclick.net www.google.com www.google.co.nz www.google.com.au www.google.co.uk bcp.crwdcntrl.net www.facebook.com static.criteo.net *.criteo.com secure-nz.imrworldwide.com android-webview-video-poster: android-webview: storage.googleapis.com; media-src 'self' *.grabone.co.nz data: storage.googleapis.com; child-src 'self' *.grabone.co.nz data: data.apn.co.nz www.youtube.com blob: bcp.crwdcntrl.net secure-nz.imrworldwide.com *.criteo.com static.criteo.net bid.g.doubleclick.net *.creativecdn.com web-sdk.urbanairship.com web-push-api.urbanairship.com storage.googleapis.com; connect-src 'self' *.grabone.co.nz 2149140224.log.optimizely.com rum.optimizely.com www.grabonebottle.co.nz web-sdk.urbanairship.com web-push-api.urbanairship.com *.googleapis.com *.newrelic.com *.google-analytics.com *.chartbeat.com *.googletagmanager.com *.gstatic.com browser-update.org; font-src 'self' *.grabone.co.nz fonts.gstatic.com data: storage.googleapis.com; report-uri https://f6v4mfnzug.execute-api.ap-southeast-2.amazonaws.com/prod/csp 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-8vlTJ6JSp3e7IbJMYDiBF75itZc'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://gwiomvkwujbravektvcgec2v.httpschecker.net/report 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-t3Gxs5MyhXNfqd8mJit7ePFs'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-CsW1jY28x18fLgXtquxgr2FTbQ'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self' www.youtube.com *.stripe.com *.addthis.com; script-src 'self' https://maps.googleapis.com/maps/api/ https://maps.gstatic.com/maps-api-v3/api/ d1ox703z8b11rg.cloudfront.net *.twitter.com *.twimg.com https://d1ox703z8b11rg.cloudfront.net 'unsafe-inline' www.google-analytics.com *.stripe.com https://apis.google.com/ 'unsafe-eval' maps.googleapis.com *.newrelic.com *.nr-data.net *.crisp.chat *.crisp.im https://www.youtube.com/iframe_api *.ytimg.com *.addthis.com *.addthisedge.com data: *.pinterest.com *.iubenda.com cdn.thinglink.me http://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js https://www.thinglink.com *.instagram.com connect.facebook.net *.imgur.com *.flickr.com blob: cdn.headwayapp.co; worker-src blob: 'self'; font-src 'self' data: d1ox703z8b11rg.cloudfront.net https://client.crisp.chat; connect-src 'self' https://www.googleapis.com https://hstry-education-production.s3.amazonaws.com wss://www.sutori.com d1ox703z8b11rg.cloudfront.net *.stripe.com api.amplitude.com wss://*.crisp.chat https://*.crisp.chat *.addthis.com https://syndication.twitter.com/settings https://*.wikipedia.org geo.query.yahoo.com *.flickr.com https://owcqxq3rnb.execute-api.us-east-1.amazonaws.com/production/opengraph sentry.io; img-src 'self' data: * maps.googleapis.com https://maps.gstatic.com/mapfiles/api-3/images/ https://csi.gstatic.com/ https://i.ytimg.com *.addthis.com *.pinterest.com *.iubenda.com; style-src 'self' d1ox703z8b11rg.cloudfront.net platform.twitter.com 'unsafe-inline' https://client.crisp.chat *.iubenda.com cdn.thinglink.me https://ton.twimg.com cdn.headwayapp.co; media-src 'self' https://d1ox703z8b11rg.cloudfront.net d1ox703z8b11rg.cloudfront.net https://client.crisp.chat; child-src 'self' * https://www.sutori.com *.stripe.com https://accounts.google.com/o/oauth2/postmessageRelay https://accounts.google.com/o/oauth2/iframe https://www.google.com/ https://www.youtube-nocookie.com/embed/ https://www.youtube.com/embed/ *.addthis.com *.pinterest.com; manifest-src d1ox703z8b11rg.cloudfront.net; report-uri https://sutori.report-uri.com/r/d/csp/reportOnly; 1
default-src 'self'; script-src *.paperlessemployee.com/ *.cicplus.com/ https://paperlessemployee.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.google-analytics.com/ https://translate.googleapis.com/ blob: 'unsafe-inline' 'unsafe-eval'; style-src *.paperlessemployee.com/ *.cicplus.com/ https://paperlessemployee.com/ https://use.fontawesome.com/ https://translate.googleapis.com/ https://fonts.googleapis.com/ data: 'unsafe-inline'; img-src *.paperlessemployee.com/ *.cicplus.com/ https://paperlessemployee.com/ https://www.gstatic.com/images/ https://translate.googleapis.com/ data: blob:; connect-src *.paperlessemployee.com/ *.cicplus.com/ http://www.paperlessemployee.com/ https://paperlessemployee.com/ http://paperlessemployee.com/ https://translate.googleapis.com/ wss: data:; font-src *.paperlessemployee.com/ *.cicplus.com/ https://paperlessemployee.com/ https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://use.fontawesome.com/ data:; frame-src https://paperlessemployee.com/ *.paperlessemployee.com/ www.paperlessemployee.com/ paperlessemployee.com/ http://www.cicplus.com *.cicplus.com/ https://www.google.com/recaptcha/ *.irs.gov/; frame-ancestors *.paperlessemployee.com/ https://paperlessemployee.com/ *.cicplus.com/; child-src *.paperlessemployee.com/ http://www.cicplus.com/ *.cicplus.com/ https://www.google.com/recaptcha/ *.irs.gov/; object-src *.paperlessemployee.com/ www.paperlessemployee.com/ paperlessemployee.com/ *.cicplus.com/ https://paperlessemployee.com/ data:; media-src *.paperlessemployee.com/ *.cicplus.com/; report-uri https://www.paperlessemployee.com/PE/ContentSecurityPolicyReport; report-to https://www.paperlessemployee.com/PE/ContentSecurityPolicyReport; 1
default-src https: 'self' *.google.com; img-src https: data:; style-src 'self' *.googleapis.com *.google.com 'sha256-MammJ3J+TGIHdHxYsGLjD6DzRU0ZmxXKZ2DvTePAF0o=' 'sha256-6iA6WDOL1mgUULZ6GSs2OOfP4eMuu6iI5agxCjK2m2A=' 'sha256-+zzuded9+DHoztKyASJeCkVU0gxvYNWMUIQM7x//CB4=' 'sha256-ldCXMle1JJUAD9eAjLdSuPIgIBcTcBecWlaXs0A2y4M=' 'sha256-WCg1a4AhMGgFRCQG5w+hgG+Q2j8Ygrbd+2dgjByIOIU=' 'sha256-Awu6hl63MCY3jiYHaDclrL7Lic9KcEalXm2o/i3e0v8=' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-/4YlUlisxufO6wbKvYp4xV8Hkzxm85+1Tb31SjmAox0=' 'sha256-a2VR/Wq1VPr0+3GRY+lEmAQm7wjwwnDtPpcCPs2zTrw=' 'sha256-/VVOq+Ws/EiUxf2CU6tsqsHdOWqBgHSgwBPqCTjYD3U=' 'sha256-5KvpSTE2xdGq8rDdvgAPP3mCfTXBc1ohjt2UiAQt9k4=' 'sha256-UvsJ5gtL0c/whxmyVt4YoNv7YnPUd0tANZOlq3NshXE=' 'sha256-z0kguVeUlbcxez4SqrO86oejphhqKDFfdCPv4yuhe70=';  script-src 'self' https: 'nonce-ac1524ac05a64d1a8d9413a659b9b3fb'; report-uri /csp-report 1
default-src 'self'; connect-src https://sketchboard.me wss://sketchboard.me https://api.mixpanel.com; font-src 'self' https://d1sqtd1h3vkwkp.cloudfront.net; img-src *; media-src https://s3-eu-west-1.amazonaws.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://d1sqtd1h3vkwkp.cloudfront.net http://www.google-analytics.com http://www.googletagmanager.com http://www.googleadservices.com; style-src 'unsafe-inline' 'self' https://d1sqtd1h3vkwkp.cloudfront.net; report-uri /lift/content-security-policy-report 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-bjlVVR510eaSbmwjJJFmrhTHw'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self'; frame-src *.facebook.com *.zanox.ws; style-src 'unsafe-inline' fonts.googleapis.com/css *.reifen.com; script-src 'unsafe-eval' 'unsafe-inline'  *.zanox.ws *.google-analytics.com *.facebook.net *.uptrendsdata.com *.newrelic.com *.zanox.com *.reifen.com *.googleadservices.com *.nr-data.net *.doubleclick.net *.googletagmanager.com *.etracker.com *.etracker.de apps.shopauskunft.de seal.verisign.com ajax.googleapis.com; img-src data: *; font-src 'self' fonts.gstatic.com *.reifen.com reifen.com; connect-src * ; report-uri /de/home/CspLogging 1
default-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net daz08cxgtpxxc.cloudfront.net d1v224g40dbxxy.cloudfront.net fonts.googleapis.com en-us.eaglemoss.com fonts.gstatic.com www.googletagmanager.com eagle11134.pcapredict.com cdnjs.cloudflare.com maxcdn.bootstrapcdn.com connect.facebook.net services.postcodeanywhere.co.uk staticxx.facebook.com reporting.eaglemoss.com img.youtube.com www.facebook.com dis.eu.criteo.com static.criteo.net stats.g.doubleclick.net www.google-analytics.com goverseer.wishpond.com jambo.wishpond.com cdn.wishpond.net www.wishpond.com vars.hotjar.com api.optmnstr.com ct.pinterest.com www.google.com snapsmedia.io in.hotjar.com embedded.wishpondpages.com www.youtube.com platform.twitter.com syndication.twitter.com pbs.twimg.com ton.twimg.com www.w3.org abs.twimg.com a.optmnstr.com bid.g.doubleclick.net gum.criteo.com z.optmnstr.com cdn.lightwidget.com 8793740.fls.doubleclick.net webfonts.zohostatic.com ws1.hotjar.com api.optmstr.com a.mstrlytcs.com web.facebook.com psr.fuel451.com ws5.hotjar.com lightwidget.com www.lightwidget.com server.adform.net payment.pay3.secured-by-ingenico.com ws3.hotjar.com; img-src *; object-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.jsdelivr.net daz08cxgtpxxc.cloudfront.net d1v224g40dbxxy.cloudfront.net fonts.googleapis.com en-us.eaglemoss.com fonts.gstatic.com www.googletagmanager.com eagle11134.pcapredict.com cdnjs.cloudflare.com maxcdn.bootstrapcdn.com connect.facebook.net services.postcodeanywhere.co.uk staticxx.facebook.com widget.eu.criteo.com sslwidget.criteo.com static.criteo.net www.google-analytics.com a.optmnstr.com s.pinimg.com script.hotjar.com googleads.g.doubleclick.net cdn.wishpond.net www.googleadservices.com a.optmstr.com pixel.snapsmedia.io static.hotjar.com cdn.syndication.twimg.co cdn.syndication.twimg.com platform.twitter.com ajax.googleapis.com cdn.fuelx.com www.lightwidget.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://code.jquery.com https://maxcdn.bootstrapcdn.com https://unpkg.com unpkg.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com fonts.gstatic.com daz08cxgtpxxc.cloudfront.net d1v224g40dbxxy.cloudfront.net services.postcodeanywhere.co.uk platform.twitter.com ton.twimg.com ajax.googleapis.com cdn.jsdelivr.net https://cdnjs.cloudflare.com; report-uri https://avatarnewyork.report-uri.com/r/d/csp/reportOnly 1
block-all-mixed-content; frame-ancestors 'self'; report-uri https://sentry.exponea.com/api/11/csp-report/?sentry_key=7635aced4522486797170a2ad4502b33 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=9fa836b1-441a-44e0-853d-310013156845&version=34ffb8f2235021bdf63196a35d812040b87aaecd 1
report-uri /csp-report?p=; block-all-mixed-content; connect-src 'self' https://runkit.com https://www.facebook.com/tr/ https://stats.g.doubleclick.net/j/collect https://www.google-analytics.com; frame-src 'self' https://runkit.com https://platform.twitter.com https://syndication.twitter.com https://connect.facebook.net/ https://js.stripe.com; media-src 'self' https://d37ugbyn3rpeym.cloudfront.net; script-src 'self' 'nonce-ICBJz3blU2KqkYMf372s6g==' https://embed.runkit.com https://platform.twitter.com/widgets.js https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/config/ https://ga.clearbit.com/v1/ga.js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtm.js 'sha256-imsFFurH1ga4dD0qKUrFgho9H3IWz4uSv9zqGPhDauo=' 'sha256-hOAiTeVRh1G6sL37DRPcchapAacG4IsPVHh/NWUtqzY=' 'sha256-xCVAFjvclbG6Z0PLN11uLptfgK7kytY1ciHdDJwZhrQ=' 'sha256-0cbzpPToyinPtZRkh8nit24VtCOx9DV0QrXA0aSbexs=' 'unsafe-eval' https://js.stripe.com 'report-sample'; img-src 'self' data: https://www.facebook.com/tr/ https://stats.g.doubleclick.net/r/collect https://www.google.com/ads/ga-audiences https://www.google-analytics.com/r/collect https://www.google-analytics.com/collect https://dc.ads.linkedin.com/collect/ https://www.linkedin.com/px/ https://px.ads.linkedin.com https://q.stripe.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net/t/1.css; font-src 'self' data:; form-action https://platform.twitter.com https://syndication.twitter.com https://syndication.twitter.com/i/jot https://connect.facebook.net/log/fbevents_telemetry/ 1
default-src 'self' https://*.ruvilla.com https://*.dtlr.com https://bam.nr-data.net wss://*.zopim.com https://*.zendesk.com https://*.gstatic.com https://*.gravatar.com/ https://*.powerreviews.com https://*.google-analytics.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://*.ruvilla.com https://*.dtlr.com https://ruvilla.queue-it.net https://assets.queue-it.net https://static.queue-it.net https://www.pepperjamnetwork.com https://code.jquery.com https://analytics.twitter.com https://bat.bing.com https://static.ads-twitter.com https://twitter.com https://js.gleam.io https://*.zenaps.com https://*.veinteractive.com https://*.facebook.net https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com https://*.googleapis.com https://translate.google.com https://*.google-analytics.com https://www.gstatic.com https://tpc.googlesyndication.com https://*.getsidecar.com https://www.dwin1.com https://*.cloudfront.net https://*.zendesk.com https://*.zdassets.com https://*.listrakbi.com https://*.curalate.com https://*.newrelic.com https://*.nr-data.net https://*.zopim.com https://*.powerreviews.com https://*.iesnare.com https://*.rawgit.com https://*.cloudflare.com https://*.datatables.net; style-src 'self' 'unsafe-inline' https://*.ruvilla.com https://*.dtlr.com https://cdn.listrakbi.com https://*.bootstrapcdn.com https://*.powerreviews.com https://*.googleapis.com https://cdn.joinhoney.com; img-src data: https://*.ruvilla.com https://*.dtlr.com https://use.fontawesome.com https://res.cloudinary.com https://*.zenaps.com https://*.pinterest.com https://*.veinteractive.com https://www.paypalobjects.com https://www.xtento.com https://widgets.magentocommerce.com http://www.google.com https://translate.google.com https://translate.googleapis.com https://www.google.com https://*.google-analytics.com https://*.doubleclick.net https://maps.googleapis.com https://www.googletagmanager.com https://*.googlesyndication.com https://i.ytimg.com https://www.awin1.com https://c1.adform.net https://bam.nr-data.net https://ib.adnxs.com https://cm.adform.net https://*.dtlr.com https://www.facebook.com https://t.co https://bat.bing.com https://secure.adnxs.com https://*.cloudfront.net/ https://*.listrakbi.com https://*.powerreviews.com https://*.zopim.com  https://*.gstatic.com https://secure.gravatar.com https://cdn.joinhoney.com; font-src 'self' data: https://*.ruvilla.com https://*.dtlr.com https://*.zopim.com https://storage.googleapis.com https://fonts.gstatic.com https://*.bootstrapcdn.com https://cdn.joinhoney.com https://use.fontawesome.com; connect-src 'self' data: https://*.ruvilla.com https://*.dtlr.com wss://www.ruvilla.com/ wss://www.dtlr.com https://api.ipify.org https://code.jquery.com https://*.zenaps.com https://api.curalate.com https://*.powerreviews.com https://www.google.com https://www.google-analytics.com https://*.doubleclick.net https://*.veinteractive.com https://awsui.powerreviews.com https://villacustserv.zendesk.com https://*.zdassets.com wss://*.zopim.com https://*.zopim.com https://bam.nr-data.net; frame-src 'self' data: https://*.ruvilla.com https://*.dtlr.com https://*.veinteractive.com https://*.facebook.com https://*.facebook.net https://www.instagram.com https://*.kaptcha.com https://www.google.com https://www.googletagmanager.com https://translate.googleapis.com https://*.googlesyndication.com https://www.youtube.com https://*.zenaps.com https://t.pepperjamnetwork.com https://gleam.io https://*.twitter.com; media-src 'self' data: https://www.ruvilla.com https://www.dtlr.com; report-uri https://remote-monitoring.ruvilla.com/notify-csp-reports.php 1
default-src * 'unsafe-inline' 'unsafe-eval'; report-uri https://fls-na.amazon.com/1/batch/2/OE/mid=AF2M0KC94RCEA:sid=136-2554893-7059235:rid=6C52HGXTWZXWHB2CCWS1:sn=www.audible.com 1
img-src https: data: 'unsafe-inline' 'unsafe-eval'; default-src https: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.defenseone.com/api/report-csp-error/ 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-mPjWvW5czV4xHRAJf79U8zQjE'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' 'unsafe-inline' code.jquery.com maxcdn.bootstrapcdn.com cdn.jsdelivr.net cdnjs.cloudflare.com gitcdn.github.io www.google-analytics.com; style-src 'self' 'unsafe-inline' code.jquery.com maxcdn.bootstrapcdn.com gitcdn.github.io cdnjs.cloudflare.com; img-src 'self' data: www.google-analytics.com code.jquery.com; font-src 'self' maxcdn.bootstrapcdn.com fonts.gstatic.com; connect-src 'self' www.google-analytics.com firebasestorage.googleapis.com https://api.github.com https://discordapp.com; media-src 'none'; object-src 'none'; child-src 'self'; worker-src 'self'; frame-src 'none'; frame-ancestors 'none'; form-action 'self'; block-all-mixed-content; upgrade-insecure-requests; report-uri https://ffbeequip.report-uri.com/r/d/csp/reportOnly 1
default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https: *.go-mpulse.net apis.google.com assets.adobedtm.com *.cloudfront.net nxtck.com ssl.gstatic.com ws.sessioncam.com *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com googleads.g.doubleclick.net connect.facebook.net www.googleadservices.com adtm.spreadshirts.net *.spreadshirt.fr ; img-src 'self' data: https: image.spreadshirtmedia.net image.spreadshirtmedia.net *.gstatic.com rtb-csync.smartadserver.com pixel.rubiconproject.com pixel.advertising.com dsum-sec.casalemedia.com cotads.adscale.de www.google-analytics.com eu-u.openx.net ih.adscale.de *.akstat.io www.facebook.com dsum-sec.casalemedia.com ad.yieldlab.net secure.adnxs.com mapping.nxtck.com stats.g.doubleclick.net www.google.com www.google.de cm.g.doubleclick.net ads.yahoo.com sync.ligadx.com eb2.3lift.com s.sspqns.com x.bidswitch.net image2.pubmatic.com sync.outbrain.com nxtck.com sanalytics.spreadshirt.fr *.spreadshirt.fr ; connect-src 'self' https: *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com *.go-mpulse.net *.akstat.io/ *.spreadshirt.fr ; font-src 'self' https: *.spreadshirt.fr ; style-src 'self' data: 'unsafe-inline' https: *.spreadshirt.fr ; object-src 'none' ; frame-src 'self' https: www.google.com accounts.google.com *.spreadshirt.fr ; report-uri https://sprd.report-uri.com/r/t/csp/reportOnly ; 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://exxlvxekmlortdekslt7plsb.httpschecker.net/report 1
default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.googletagmanager.com *.google-analytics.com *.google.com *.gstatic.com freegeoip.net bam.nr-data.net cdn.heapanalytics.com heapanalytics.com cdn.segment.com cdn.pubnub.com pi.pardot.com js-agent.newrelic.com connect.facebook.net www.googleadservices.com googleads.g.doubleclick.net d36mpcpuzc4ztk.cloudfront.net d2sdf28wg0skh3.cloudfront.net *.pusher.com *.pusherapp.com secure.gravatar.com boards.greenhouse.io pubnub.github.io *.wistia.com *.freshdesk.com cdnjs.cloudflare.com gist.github.com src.litix.io *.twitter.com *.wistia.net cdn.syndication.twimg.com platform.vine.co codepen.io code.jquery.com netdna.bootstrapcdn.com ajax.googleapis.com pubnub.s3.amazonaws.com www.youtube.com s.ytimg.com www.brighttalk.com cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' data: *.google-analytics.com *.google.com heapanalytics.com *.facebook.com d36mpcpuzc4ztk.cloudfront.net secure.gravatar.com googleads.g.doubleclick.net stats.g.doubleclick.net pubnub.github.io fonts.googleapis.com cdnjs.cloudflare.com assets-cdn.github.com netdna.bootstrapcdn.com rawgit.com http://s3.scalabl3.com platform.twitter.com; img-src * data:; connect-src  'self' pubnub.com *.pubnub.com http://*.pubnub.com chat.freshdesk.com wss://chat.freshdesk.com api.segment.io maps.googleapis.com *.pusher.com  wss://*.pusherapp.com *.pusherapp.com *.facebook.com *.tiles.mapbox.com *.wistia.com fg8vvsvnieiv3ej16jby.litix.io embedwistia-a.akamaihd.net syndication.twitter.com go.pardot.com in8yfl3bus-dsn.algolia.net in8yfl3bus-1.algolianet.com insights.algolia.io; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com fast.wistia.com netdna.bootstrapcdn.com; media-src 'self' pubnub.com *.pubnub.com blob: d36mpcpuzc4ztk.cloudfront.net embedwistia-a.akamaihd.net pubnub-prod.appspot.com; report-uri /csp-report-uri/; child-src 'self' pubnub.com *.pubnub.com fast.wistia.com *.google.com *.g.doubleclick.net www.youtube.com boards.greenhouse.io pubnub.desk.com giphy.com player.vimeo.com w.soundcloud.com www.facebook.com platform.twitter.com vine.co pubnub.github.io stephenlb.github.io songhowon.com www.kickstarter.com codepen.io syndication.twitter.com http://www.tmcnet.com jsfiddle.net pubnub-demo.s3.amazonaws.com www.brighttalk.com; form-action 'self' *.pubnub.com/ www.facebook.com *.twitter.com; frame-ancestors 'self' 1
default-src 'self' https: wss: data: none: gsa: 'unsafe-inline' 'unsafe-eval'; report-uri https://csp-endpoint.timeinc.net/ 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-flzxXKt3dTvyeidhafkvTwcw'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' https://healthengine.com.au https://*.healthengine.com.au https://d2g92a8pyizotc.cloudfront.net https://ds85ahg0xxb4i.cloudfront.net https://d3o6iw1i9icjwo.cloudfront.net https://d3j3gy15otidth.cloudfront.net https://*.adobedtm.com https://*.tt.omtrdc.net https://*.demdex.net https://*.everesttech.net https://dev.appboy.com https://js.appboycdn.com https://cdn.branch.io https://api.branch.io https://app.link https://*.google.com https://*.google.com.au https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.googletagservices.com https://*.google-analytics.com https://*.gstatic.com https://*.g.doubleclick.net https://*.googlesyndication.com https://*.youtube.com https://cdnjs.cloudflare.com https://*.bootstrapcdn.com https://cdn.ravenjs.com https://files.healthengine.com.au.s3-ap-southeast-2.amazonaws.com https://healthengine.imgix.net https://*.hotjar.com https://www.linkedin.com https://platform.linkedin.com https://static.licdn.com https://platform.twitter.com https://syndication.twitter.com https://bat.bing.com 'unsafe-inline' 'unsafe-eval' data:; report-uri https://hesecurity.report-uri.com/r/d/csp/reportOnly; report-to https://hesecurity.report-uri.com/r/d/csp/reportOnly; 1
script-src 'self' 'unsafe-eval' 'unsafe-inline' about: blob: data: https://*.salesforceliveagent.com https://c.disquscdn.com https://connect.facebook.net https://disqus.com https://fast.wistia.com https://freelanceadvisor.disqus.com https://metrics.responsetap.com https://pi.pardot.com https://px.ads.linkedin.com https://script.hotjar.com https://static-ssl.responsetap.com https://static.hotjar.com https://www.crunch.uk https://www.google-analytics.com https://www.googletagmanager.com https://www.linkedin.com https://storage.googleapis.com; style-src 'self' 'unsafe-inline' https://c.disquscdn.com; frame-ancestors 'none'; default-src 'self' https://disqus.com https://c.disquscdn.com https://*.crunch.co.uk; frame-src 'self' https://*.crunch.co.uk https://connect.facebook.net https://disqus.com https://fast.wistia.com https://go.pardot.com https://vars.hotjar.com https://www.facebook.com https://www.google.com https://www.googletagmanager.com https://www.youtube.com; img-src 'self' data: *; connect-src 'self' https://api.mixpanel.com https://distillery.wistia.com https://embed-ssl.wistia.com https://embedwistia-a.akamaihd.net https://fg8vvsvnieiv3ej16jby.litix.io https://insights.hotjar.com https://pipedream.wistia.com https://stats.g.doubleclick.net https://www.google-analytics.com wss://*.hotjar.com; object-src 'self' blob:; media-src 'self' blob:; font-src 'self' data: https://fonts.gstatic.com; report-to /platform-api/csp-violations/report/; report-uri /platform-api/csp-violations/report/; 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://twdzj4nvbzfx1wmvg3gy17a3.httpschecker.net/report 1
frame-src 'self' https://www.facebook.com https://connect.facebook.net https://www.youtube.com https://player.vimeo.com https://www.ukraine.com.ua https://adm.tools https://adm.lcl https://login.tools https://apis.google.com https://accounts.google.com https://www.google.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googleadservices.com https://connect.facebook.net https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://code.highcharts.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com https://www.gstatic.com https://googletagmanager.com https://maps.google.com https://maps.googleapis.com https://translate.google.com 'report-sample'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' data: https://fonts.gstatic.com;  default-src 'self' 'unsafe-inline' 'report-sample'; img-src 'self' data: https://www.facebook.com https://www.google.com https://www.google.com.ua https://www.google-analytics.com https://stats.g.doubleclick.net; connect-src https://adm.tools https://adm.lcl https://www.ukraine.com.ua https://cdn.ukraine.com.ua:3001 https://login.tools wss://cdn.ukraine.com.ua:3001 https://www.google-analytics.com https://stats.g.doubleclick.net; report-uri https://sentry.adm.tools/api/4/security/?sentry_key=cd4a73d9e9a3475187c201c24a2c4576 1
script-src https://www.zavvi.es https://m.zavvi.es 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/ https://fp.zenaps.com https://pagead2.googlesyndication.com https://securepubads.g.doubleclick.net; report-uri https://www.zavvi.es/cspReport.txt; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-ua4tikZ4EIqvLfHVlqOSDmQplA'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-SvmDQJuRV28pODhfqn0chSXA'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src data: https: 'unsafe-inline' 'unsafe-eval'; report-uri https://1pf4ewppz1b3vnhthw0epu6e.httpschecker.net/report; report-to https://1pf4ewppz1b3vnhthw0epu6e.httpschecker.net/report 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-zNPKEyEstxu1U5HIFNsl4086Q'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
block-all-mixed-content; report-uri https://freeml.report-uri.com/r/t/csp/reportOnly 1
default-src 'self'; img-src *; style-src 'self' www.warime.com 'unsafe-inline'; script-src 'self' www.warime.com 'unsafe-inline' 'unsafe-eval' 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=426d2523-c953-4e6f-94fe-60e9b58c5645&version=f767f246425966302215d0f72207a5c75609bbc0 1
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://*.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com https://www.jablonet.net https://connect.facebook.net https://chat.jablonet.net https://chatsk.jablonet.net; report-uri https://files.jablonet.net/security-policy/csp.php; 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=df7967b6-b951-4f92-9241-631e16a70d51&version=34ffb8f2235021bdf63196a35d812040b87aaecd 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-GM4WtULkrdVafrfZBhEu737dA'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://lj16lrxasx5zk09pxyurdbgf.httpschecker.net/report 1
report-uri https://www.childcare.co.uk/app/csp-reports; default-src blob: data: https: 'self' 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://www.googletagmanager.com https://www.googleadservices.com https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://platform.twitter.com https://cdn.ampproject.org https://cdnjs.cloudflare.com https://code.jquery.com https://js.recurly.com https://www.gstatic.com https://ajax.googleapis.com https://oss.maxcdn.com https://connect.facebook.net https://d1l6p2sc9645hc.cloudfront.net https://*.gosquared.com https://*.childcare.co.uk https://*.trustpilot.com https://*.doubleclick.net https://cdn.ckeditor.com 1
default-src 'self' https:; child-src 'self' https: data:; connect-src 'self' https: wss:; font-src 'self' https: data:; img-src 'self' https: data:; media-src 'self' https: data:; object-src 'self' https:; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp-report?source%5Baction%5D=index&source%5Bapp%5D=Brochure&source%5Bcontroller%5D=home&source%5Bdomain%5D=www.shopify.co.uk&source%5Bsection%5D=brochure&source%5Buuid%5D=ae0b0d226497426af2a91dc4896973a4 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://tyw5jbarjp5eurkuu1s2hzfi.httpschecker.net/report 1
default-src 'self' *.worlddancesport.org www.google-analytics.com staticxx.facebook.com; font-src 'self' data: cdnw.worlddancesport.org fonts.gstatic.com; connect-src 'self' clients6.google.com dc.services.visualstudio.com *.addthis.com www.google-analytics.com stats.g.doubleclick.net; style-src 'unsafe-inline' *.worlddancesport.org www.google.com browser-update.org; img-src data: *.worlddancesport.org *.ytimg.com *.facebook.com *.google.com *.calameoassets.com *.vimeocdn.com *.gstatic.com stats.g.doubleclick.net www.google-analytics.com www.googleapis.com browser-update.org; script-src 'self' 'unsafe-inline' cdnw.worlddancesport.org az416426.vo.msecnd.net *.facebook.com *.facebook.net *.twitter.com *.addthis.com *.addthisedge.com *.google.com www.googleapis.com www.google-analytics.com browser-update.org; child-src 'self' cdnb.worlddancesport.org *.facebook.com *.twitter.com *.addthis.com *.google.com www.youtube.com player.vimeo.com www.saferpay.com; upgrade-insecure-requests; report-uri https://7ab93b867c81f64df54af5d5e2cd45ea.report-uri.com/r/d/csp/reportOnly 1
script-src *.akamaihd.net *.annies-publishing.com *.bing.com *.brightcove.com *.brightcove.net *.cj.com *.eccmp.com *.emjcd.com *.facebook.com *.facebook.net *.google-analytics.com *.google.com *.googleadservices.com *.googletagmanager.com googleads.g.doubleclick.net *.googleapis.com *.gstatic.com *.pingdom.net *.pinterest.com *.shareasale.com *.typekit.net *.zencdn.net cdnjs.cloudflare.com code.jquery.com seal-easttexas.bbb.org *.criteo.net *.criteo.com 'self' 'unsafe-inline' 'unsafe-eval'; worker-src blob://* data://*; connect-src *.akamaihd.net *.annies-publishing.com *.bing.com *.brightcove.com *.brightcove.net *.cj.com *.eccmp.com *.emjcd.com *.facebook.com *.facebook.net *.google-analytics.com *.google.com *.googleadservices.com *.googletagmanager.com googleads.g.doubleclick.net *.googleapis.com *.gstatic.com *.pingdom.net *.pinterest.com *.shareasale.com *.typekit.net *.zencdn.net cdnjs.cloudflare.com code.jquery.com seal-easttexas.bbb.org *.criteo.net *.criteo.com; report-uri /ajax/content_policy_violation.php 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Fl93TweMtMEyj2Ur3B0JL4VdkQ'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-et21xfbtHp0CpKNz3mXPg1yaSg0'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' blob:; script-src 'self' 'unsafe-eval' tags.tiqcdn.com tags.tiqcdn.cn secure.insightexpressai.com browser-update.org js-agent.newrelic.com https://bam.nr-data.net bam.nr-data.net api.swiftype.com platform.twitter.com www.dsply.com gateway.answerscloud.com s.cr-nielsen.com dpm.demdex.net qualcomm.sc.omtrdc.net cdn.tagmanager.cn stats.ipinyou.com *.baidu.com players.brightcove.net *.akamaihd.net gateway.answerscloud.com blob:; object-src t.hypers.com.cn; style-src 'self' 'unsafe-inline' gateway.answerscloud.com; img-src 'self' data: aa.qualcomm.cn www.qualcomm.com https://www.qualcomm.com pt-corpmktg.qualcomm.com qualcomm.sc.omtrdc.net sb.scorecardresearch.com metrics.brightcove.com *.nr-data.net analytics.twitter.com t.co controller.4seeresults.com events.foreseeresults.com www.dsply.com *.baidu.com ds-aksb-a.akamaihd.net gateway.answerscloud.com; media-src 'self' blob: https: secure.brightcove.com; frame-src 'self' www.youtube.com gateway.answerscloud.com t.hypers.com.cn s.cr-nielsen.com boscdn.bpc.baidu.com; font-src 'self' data: https: vjs.zencdn.net; connect-src 'self' *.nr-data.net https://edge.api.brightcove.com https://edge-elb.api.brightcove.com http://c.brightcove.com device.4seeresults.com; report-uri /admin/config/system/seckit/csp-report 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-3qbiYsUTvl5Klewl43zEWEM'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-6U740ipBawWa2tKUqBrzFzeUElI'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-KdRHsfXlCYmRoR0anueD0vJq38'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-X31KXuAltndLGAY26y6yfleW9AQ'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-o3KOrHB4QTX6jgrkgH0PrDjZpRs'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=d7b45b76-56ab-4b83-8ba5-0351bed7c1d5&version=62c29f3d39b5035178b711ed93129e9757ef18d0 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=e9e65848-a6f7-4d3c-9214-fce390743606&version=62c29f3d39b5035178b711ed93129e9757ef18d0 1
default-src 'self'; script-src 'self' www.google-analytics.com tagmanager.google.com www.googletagmanager.com maps.googleapis.com *.segmint.net *.bizographics.com cdn.timetrade.com *.youtube.com *.linkedin.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' tagmanager.google.com www.googletagmanager.com fonts.googleapis.com 'unsafe-inline'; img-src 'self' data: www.google-analytics.com *.g.doubleclick.net maps.googleapis.com *.gstatic.com i.ytimg.com jwpltx.com; connect-src 'self' www.google-analytics.com *.g.doubleclick.net *.segmint.net; frame-src 'self' tagmanager.google.com www.googletagmanager.com *.segmint.net *.timetrade.com *.timetradesystems.com www.fintactix.net appvault.com *.serversidegraphics.com us.personalcard.net; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; report-uri /csp-report.do 1
default-src 'self' *.disquscdn.com discus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'  *.googleapis.com *.marketo.net *.google-analytics.com  *.google.com *.linkedin.com  *.marketo.com play.vidyard.com dev.visualwebsiteoptimizer.com  *.googletagmanager.com *.googleadservices.com *.mktoresp.com sjs.bizographics.com static.ads-twitter.com vidassets.terminus.services *.twitter.com *.snapengage.com *.doubleclick.net api.company-target.com *.demandbase.com *.cloudfront.net *.disqus.com *.disquscdn.com disqus.com discuscdn.com *.newrelic.com bam.nr-data.net client.netmng.com js.bizographics.com bat.bing.com caveracode.netmng.com  s.swiftypecdn.com; object-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com cloud.typography.com cdnjs.cloudflare.com *.marketo.com scripts.demandbase.com *.disqus.com *.disquscdn.com s.swiftypecdn.com; img-src 'self' data: *; media-src 'self' www.youtube.com *.snapengage.com; frame-src 'self' www.youtube.com *.google.com www.facebook.com platform.twitter.com careers.lifeatca.com *.snapengage.com b.company-target.com app-abd.marketo.com *.doubleclick.net play.vidyard.com *.disqus.com disqus.com; font-src 'self' data: *; connect-src 'self' *.mktoresp.com *.marketo.com api.company-target.com *.disqus.com *.discuscdn.com *.google-analytics.com search-api.swiftype.com s.swiftypecdn.com; report-uri /report-csp-violation 1
default-src 'none'; connect-src 'self'; font-src 'self' data:; frame-src 'self' https://go.pardot.com https://www.youtube.com; img-src 'self' data: https://scontent.cdninstagram.com https://www.gstatic.com https://www.google-analytics.com https://stats.g.doubleclick.net; media-src 'self' https://www.youtube.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://ajax.googleapis.com https://www.googletagmanager.com https://pi.pardot.com https://translate.google.com https://translate.googleapis.com; style-src 'self' 'unsafe-inline' https://translate.googleapis.com; worker-src 'none'; base-uri 'none'; form-action 'self'; frame-ancestors 'self'; 1
default-src 'self'; connect-src 'self' https://api.sbab.se https://in.hotjar.com https://dev.visualwebsiteoptimizer.com; font-src 'self' https://maxcdn.bootstrapcdn.com https://bloggen.sbab.se; frame-src https://www.youtube.com https://*.rfihub.com https://syndication.twitter.com https://platform.twitter.com https://embed.bambuser.com https://in.hotjar.com https://vars.hotjar.com; img-src 'self' https://syndication.twitter.com https://platform.twitter.com https://*.twimg.com https://www.sbab.se https://bloggen.sbab.se https://i.ytimg.com https://aa.agkn.com https://ads.yahoo.com https://simage2.pubmatic.com https://*.g.doubleclick.net https://us-u.openx.net https://www.google.com https://*.rfihub.com https://d.agkn.com https://dev.visualwebsiteoptimizer.com https://dsum-sec.casalemedia.com https://ib.adnxs.com https://o.adtriba.com https://pixel.rubiconproject.com https://soma.smaato.net https://sync.search.spotxchange.com https://tapestry.tapad.com https://www.facebook.com https://www.google-analytics.com https://www.google.se https://ssl.google-analytics.com https://x.bidswitch.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://track.adform.net https://platform.twitter.com https://cdn.syndication.twimg.com https://bloggen.sbab.se https://s.ytimg.com https://a.rfihub.com/idr.js https://c1.rfihub.net/js/tc.min.js https://cdn.adtriba.com/v2/adtriba.js https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/config/677988019016414 https://dev.visualwebsiteoptimizer.com https://script.hotjar.com https://static.hotjar.com https://www.youtube.com/iframe_api https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtm.js https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline' https://platform.twitter.com https://ton.twimg.com http://fonts.googleapis.com https://bloggen.sbab.se https://maxcdn.bootstrapcdn.com https://bloggen.sbab.se/wp-content/themes/wpex-luxmag_1.0 https://bloggen.sbab.se/wp-content/themes/wpex-luxmag_1.0/css/; report-uri https://sbab.report-uri.com/r/d/csp/reportOnly 1
script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; report-uri /csp-report 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=8485151f-0221-4d6f-9dff-067e36b55a65&version=abdcaa3df793750c2e75b294132b15b38b8f8b08 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://mzltpstcgjp0wwwz2vlitcqy.httpschecker.net/report 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-4qdulbeqUItIsREj8Y5Zwk'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src https: 'unsafe-inline'; report-uri https://t2nzrlhfwl.execute-api.ap-northeast-1.amazonaws.com/release/ 1
img-src https://pp.vk.me https://special.astrobl.ru https://www.astrobl.ru https://*.yandex.ru https://*.astrakhan.ru stat.sputnik.ru *.rambler.ru; script-src 'unsafe-inline' 'unsafe-eval' https://special.astrobl.ru https://thj.astrakhan.ru https://www.astrobl.ru *.yandex.ru gosmonitor.ru *.rambler.ru stat.sputnik.ru; style-src 'unsafe-inline' https://special.astrobl.ru https://www.astrobl.ru; font-src https://special.astrobl.ru https://www.astrobl.ru; media-src https://www.youtube.com https://vk.com; 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://n5mcn64l2tp5piztj1c2b0wj.httpschecker.net/report 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=b728cc88-d8e7-452e-9344-9ca44c25465c&version=df507506fab90b586a0c098cfae7b9995f2450e7 1
default-src 'self' https:; child-src 'self' https: data:; connect-src 'self' https: wss:; font-src 'self' https: data:; img-src 'self' https: data:; media-src 'self' https: data:; object-src 'self' https:; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp-report?source%5Baction%5D=index&source%5Bapp%5D=Brochure&source%5Bcontroller%5D=home&source%5Bdomain%5D=www.shopify.de&source%5Bsection%5D=brochure&source%5Buuid%5D=6100648de333a64c07d94bdbbdf7b2c2 1
default-src 'self'; font-src https://themes.googleusercontent.com/ 'self'; frame-src https://s-static.ak.facebook.com http://static.ak.facebook.com https://www.facebook.com; img-src *; object-src 'none'; script-src https://connect.facebook.net/ http://connect.facebook.net/ http://www.google-analytics.com/ https://www.google-analytics.com/ http://browser-update.org/ https://www.google.com/ https://www.gstatic.com/recaptcha/ http://www.google.com/recaptcha/ 'unsafe-inline' 'unsafe-eval' 'self'; style-src https://www.google.com/ https://ajax.googleapis.com/ 'unsafe-inline' 'self'; report-uri /nelmio/csp/report 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=73b3f2cf-2aa7-4316-8e9b-59f5490b0e31&version=abdcaa3df793750c2e75b294132b15b38b8f8b08 1
script-src https://www.probikekit.co.uk https://m.probikekit.co.uk 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.probikekit.co.uk/cspReport.txt; 1
default-src https: blob: wss://*.zopim.com 'unsafe-inline' 'unsafe-eval' wss://*.studentflights.com.au:*; frame-ancestors *.calypso.net.au *.studentflights.com.au; report-uri /api/csp_report; img-src https: blob: data:; font-src https: blob: data:; 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://eupxepxvfgwrvtpqtu86cm2q.httpschecker.net/report 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-CDRWqO03lP11hrmtNT0PT5q3bI'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-1nS7HIuqXKEVigWecCn27kF7liY'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-pGA7Oeww7i06rbvzZ82m73YcI'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' *.tecnoempleo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.tecnoempleo.com snap.licdn.com *.google-analytics.com *.linkedin.com *.recruitics.com *.gstatic.com *.twitter.com static.ads-twitter.com connect.facebook.net *.indeed.com www.googleadservices.com cdnjs.cloudflare.com code.jquery.com *.googleapis.com; frame-src 'self' *.tecnoempleo.com www.youtube.com *.recruitics.com *.redsys.es *.gstatic.com *.linkedin.com; form-action 'self' *.tecnoempleo.com *.redsys.es; font-src 'self' *.tecnoempleo.com *.gstatic.com *.google-analytics.com *.linkedin.com; style-src 'self' 'unsafe-inline' *.tecnoempleo.com *.googleapis.com cdnjs.cloudflare.com *.indeed.com; connect-src 'self' *.tecnoempleo.com *.google-analytics.com *.linkedin.com cdnjs.cloudflare.com stats.g.doubleclick.net; img-src 'self' data: *.tecnoempleo.com play.google.com *.google-analytics.com *.linkedin.com rd.trovit.com *.indeed.com stats.g.doubleclick.net google.com google.es; report-uri /csp-report/ 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-PlcTz2eftNTsxdNTjZrk8LbNFY'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src https://www.skinstore.com https://m.skinstore.com 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/ https://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com; report-uri https://www.skinstore.com/cspReport.txt; 1
block-all-mixed-content; report-uri https://events.ocdn.eu/v2/csp-report?_ac=events&_fv=ekstraklasa.tv::UCS 1
default-src https: 'unsafe-inline' 'unsafe-eval' data:; media-src https: blob: data:; child-src https: blob:; report-uri https://sentry.io/api/72071/csp-report/?sentry_key=4fb747b409644084ba393c5ab7399d16; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-wFgjTraSWdDqR1QtZHsyTAjV6xg'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://lz2maln6sltoumfb1w1wnfep.httpschecker.net/report 1
default-src 'self' https://www.google.com https://www.youtube.com https://www.hleroy.com; font-src 'self' data: https://fonts.gstatic.com/ https://www.hleroy.com; frame-ancestors 'self' https://wordpress.org https://www.hleroy.com; img-src 'self' https://ps.w.org https://s.w.org https://secure.gravatar.com https://wordpress.org https://www.hleroy.com; script-src 'self' 'unsafe-inline' https://ajax.googleapis.com/ajax/libs/ https://www.google.com https://www.gstatic.com https://www.hleroy.com; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com/ajax/libs/ https://fonts.googleapis.com/ https://www.hleroy.com; report-uri https://www.hleroy.com/wp-json/wpcsp/v1/route/LogPolicyViolation?_wpnonce=410a0bc1d5 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-HpdudlLfYzJLkgQqkrCKgucPmM'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-wvxMXVnyGP1OjneBPlAqgyeZ0gU'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-W0kWTW5dpfZYVaI1Oc6suIIKJJ4'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
manifest-src 'self'; default-src 'self' data:; object-src 'self' http://*.eyeka.com data: https://*.eyeka.com; script-src https://*.googleapis.com https://*.g.doubleclick.net https://*.uservoice.com https://*.facebook.net https://*.newrelic.com https://*.slaask.com https://*.licdn.com https://*.twitter.com http://*.eyeka.com https://*.google.co.id https://*.cedexis.com 'self' https://*.google.ru https://*.google-analytics.com https://*.mouseflow.com https://*.ads-twitter.com https://*.kameleoon.com https://*.google.fr https://*.embedly.com https://*.googleadservices.com https://*.ads.linkedin.com http://*.google.com 'unsafe-eval' https://*.adnxs.com https://*.eyeka.com https://*.pusher.com 'unsafe-inline' https://*.mxpnl.com https://*.nr-data.net https://*.linkedin.com data: https://*.gstatic.com https://*.google.com; style-src https://*.eyeka.com http://*.eyeka.com 'unsafe-inline' 'self' https://*.embedly.com https://*.googleapis.com data: https://*.slaask.com; connect-src https://slaask.com https://*.adnxs.com https://*.eyeka.com http://*.eyeka.com https://*.pusher.com https://*.facebook.com https://*.kameleoon.com https://*.cedexis.com 'self' https://*.g.doubleclick.net https://*.googleapis.com data: https://*.google.com http://*.google.com; media-src https://*.eyeka.com http://*.eyeka.com 'self' https://*.gstatic.com https://*.google.com https://*.slaask.com http://*.google.com; img-src https://*.googleapis.com https://*.g.doubleclick.net https://*.uservoice.com https://*.slaask.com https://*.gravatar.com https://*.licdn.com https://*.google.co.in http://*.eyeka.com https://*.google.co.id 'self' https://*.google.ru https://*.cdnetworks.net https://*.google-analytics.com https://*.facebook.com https://*.kameleoon.com https://*.google.fr https://*.ads.linkedin.com https://*.google.co.uk http://*.google.com https://*.adnxs.com https://*.eyeka.com https://*.google.com.ua https://t.co data: https://*.gstatic.com https://*.google.com https://*.google.com.ph; font-src https://*.eyeka.com http://*.eyeka.com 'self' https://*.embedly.com data: https://*.gstatic.com https://*.slaask.com; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_5839e7e0b36b4ff3bd538670ea663265; child-src 'self'; frame-src https://*.kameleoon.eu https://*.facebook.com https://*.kameleoon.com 'self' https://*.embedly.com https://*.g.doubleclick.net https://*.uservoice.com data: https://*.google.com http://*.google.com; worker-src 'self' 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://s1ippwptvgew9aeljtmebwmq.httpschecker.net/report 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://3yz21u6wojsrvhw3tvd5q8ux.httpschecker.net/report 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-HjC4KufXaVdCcNy86wYgUPmmOc'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self' https: blob:; child-src *; connect-src 'self' https: wss:; font-src 'self' data: fonts.gstatic.com; frame-src brigad.typeform.com accounts.google.com www.facebook.com staticxx.facebook.com; worker-src blob: cdn.logrocket.io; style-src 'unsafe-inline' s3-eu-west-1.amazonaws.com fonts.googleapis.com; img-src 'self' https: http: data:; media-src 'self' https:; script-src 'unsafe-inline' blob: s3-eu-west-1.amazonaws.com js.stripe.com www.google-analytics.com apis.google.com maps.googleapis.com connect.facebook.com connect.facebook.net bat.bing.com cdn.logrocket.io assets.zendesk.com static.zdassets.com cdnjs.cloudflare.com; report-uri https://services-staging.brigad.tools/devtools/v1/content-security-policy-report-only 1
default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: https://*.rubiconproject.com https://wordpress.com https://*.wp.com https://*.adform.net https://cdn.polyfill.io https://*.hit.gemius.pl https://*.orcinus.ai https://*.pingdom.net https://shop.wolterskluwer.hu https://wolterskluwer.hu https://*.googlesyndication.com https://adservice.google.co.in https://static.addtoany.com https://*.optimonk.com https://*.linkedin.com https://*.facebook.com https://connect.facebook.net https://*.twitter.com https://*.gstatic.com https://ad.adverticum.net https://cdnjs.cloudflare.com https://*.doubleclick.net https://www.google-analytics.com https://*.google.com https://*.google.ie https://*.google.hu https://www.googletagmanager.com https://service.maxymiser.net https://*.mookie1.com https://*.googleapis.com https://*.adnxs.com https://*.adroll.com https://sjs.bizographics.com https://bs.serving-sys.com https://ams.creativecdn.com https://secure.gravatar.com https://img.en25.com https://hugde.adocean.pl https://eu-static.sociomantic.com https://ads.eu.criteo.com https://*.t.eloqua.com https://*.2mdn.net https://rdi.eu.criteo.com https://*.doubleverify.com https://www.youtube.com; report-uri /report_csp.php 1
default-src https: data: blob: about: 'unsafe-inline' 'unsafe-eval'; report-uri https://8f97ca7fe77acd3ff57dd08291fc4c61.report-uri.com/r/d/csp/reportOnly 1
default-src 'self'; img-src https://s3.amazonaws.com/i.superlawyers.com/ https://d22sy6g45ur8ee.cloudfront.net *.superlawyers.com https://d22sy6g45ur8ee.cloudfront.net/assets 'self' *.doubleclick.net *.llnwd.net *.googletagmanager.com data: *.demdex.net *.xfinity.com *.plaxo.com *.licdn.com *.twitter.com *.facebook.com *.licdn.com *.superlawyers.com *.cmptch.com *.everesttech.net *.twitter.com *.google-analytics.com *.brightcove.com *.opentext.com *.gstatic.com *.betrad.com *.googleapis.com *.googlesyndication.com *.eloqua.com cdn.datatables.net *.linkedin.com *.doubleclick.com *.google.com *.scorecardresearch.com *.akamaihd.net *.youtube.com; font-src https://s3.amazonaws.com/i.superlawyers.com/ https://d22sy6g45ur8ee.cloudfront.net *.superlawyers.com https://d22sy6g45ur8ee.cloudfront.net/assets 'self' cdn.tinymce.com data: fonts.gstatic.com; style-src https://s3.amazonaws.com/i.superlawyers.com/ https://d22sy6g45ur8ee.cloudfront.net *.superlawyers.com https://d22sy6g45ur8ee.cloudfront.net/assets 'self' 'unsafe-inline' *.googleapis.com cdn.tinymce.com *.gstatic.com cdn.datatables.net; script-src https://s3.amazonaws.com/i.superlawyers.com/ https://d22sy6g45ur8ee.cloudfront.net *.superlawyers.com https://d22sy6g45ur8ee.cloudfront.net/assets 'self' 'unsafe-inline' 'unsafe-eval' *.departapp.com *.bizographics.com *.opentext.com *.google-analytics.com *.thomsonreuters.com *.google-analytics.com *.omtrdc.net *.perfdrive.com https://ajax.cloudflare.com *.rubiconproject.com *.facebook.net *.googletagmanager.com *.google.co.uk *.google.co.in *.google.co.in code.jquery.com *.akamaihd.net assets.adobedtm.com ajax.aspnetcdn.com *.licdn.com *.google.com *.lpsnmedia.net *.liveperson.net cdn.datatables.net *.doubleclick.net *.betrad.com *.scorecardresearch.com *.googleapis.com *.googletagservices.com *.googleadservices.com *.googlesyndication.com *.brightcove.net *.gstatic.com *.linkedin.com assets.adobedtm.com *.findlaw.com *.issuu.com cdn.ampproject.org cdn.jsdelivr.net cdn.mouseflow.com cdnjs.cloudflare.com js.maxmind.com cdn.tinymce.com img03.en25.com; connect-src 'self' *.akamaihd.net *.superlawyers.com *.perfdrive.com *.facebook.com *.google-analytics.com *.stickyadstv.com *.gstatic.net *.googlesyndication.com *.advertising.com *.demdex.net *.findlaw.com *.mouseflow.com *.brightcove.com *.springserve.com *.doubleclick.net *.springserve.com *.vertamedia.com *.googlesyndication.com *.gstatic.com *.google.com; frame-ancestors 'self'; frame-src *.youtube.com *.liveperson.net *.facebook.com *.akamaihd.net *.google.com *.lpsnmedia.net *.demdex.net *.googlesyndication.com *.doubleclick.net *.googletagservices.com *.facebook.net *.issuu.com; media-src https://s3.amazonaws.com/i.superlawyers.com/ https://d22sy6g45ur8ee.cloudfront.net *.superlawyers.com https://d22sy6g45ur8ee.cloudfront.net/assets 'self' *.media.brightcove.com; object-src 'none'; manifest-src *.superlawyers.com; report-uri https://superlawyers.report-uri.com/r/t/csp/reportOnly; 1
default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https:; object-src 'self'; form-action https:; report-uri https://arlingtonva.report-uri.io/r/default/csp/reportOnly; 1
default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https: *.go-mpulse.net apis.google.com assets.adobedtm.com *.cloudfront.net nxtck.com ssl.gstatic.com ws.sessioncam.com *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com googleads.g.doubleclick.net connect.facebook.net www.googleadservices.com adtm.spreadshirts.net *.spreadshirt.it ; img-src 'self' data: https: image.spreadshirtmedia.net image.spreadshirtmedia.net *.gstatic.com rtb-csync.smartadserver.com pixel.rubiconproject.com pixel.advertising.com dsum-sec.casalemedia.com cotads.adscale.de www.google-analytics.com eu-u.openx.net ih.adscale.de *.akstat.io www.facebook.com dsum-sec.casalemedia.com ad.yieldlab.net secure.adnxs.com mapping.nxtck.com stats.g.doubleclick.net www.google.com www.google.de cm.g.doubleclick.net ads.yahoo.com sync.ligadx.com eb2.3lift.com s.sspqns.com x.bidswitch.net image2.pubmatic.com sync.outbrain.com nxtck.com sanalytics.spreadshirt.it *.spreadshirt.it ; connect-src 'self' https: *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com *.go-mpulse.net *.akstat.io/ *.spreadshirt.it ; font-src 'self' https: *.spreadshirt.it ; style-src 'self' data: 'unsafe-inline' https: *.spreadshirt.it ; object-src 'none' ; frame-src 'self' https: www.google.com accounts.google.com *.spreadshirt.it ; report-uri https://sprd.report-uri.com/r/t/csp/reportOnly ; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-7uIZ5uKPxKrZQVxzD6na4rE5y0Y'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self'; script-src 'self' data: code.jquery.com code.createjs.com s3-eu-west-1.amazonaws.com code.createjs.com www.googletagmanager.com ajax.googleapis.com connect.facebook.net www.google-analytics.com www.googleadservices.com 'nonce-e4cb94070feecad373f0d44a3093ad17012759e5'; style-src 'self' 'unsafe-inline; img-src 'self' www.adobe.com data: blob: s3-eu-west-1.amazonaws.com tats.g.doubleclick.net googleads.g.doubleclick.net www.google-analytics.com www.facebook.com www.google.pl www.google.com; frame-src 'self' staticxx.facebook.com www.facebook.com superkid-pl.sugester.pl; report-uri https://www.superkid.pl/ajax/csp-report; 1
default-src data: https: 'unsafe-inline' 'unsafe-eval'; report-uri https://r2vqneplrwypadvvy5nemtoc.httpschecker.net/report; report-to https://r2vqneplrwypadvvy5nemtoc.httpschecker.net/report 1
default-src 'unsafe-inline' * 'unsafe-eval' data: https:; img-src 'unsafe-inline' data: mediastream: blob: * android-webview-video-poster:; font-src 'unsafe-inline' * 'unsafe-eval' data:; form-action https:; report-uri https://sagvhts6ostb5kz5guxaxuzi.httpschecker.net/report 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-22PiinN5vvg1kwkSpFnjMqRA3V8'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' https://cdn-prod.fin.com https://www.fin.com; frame-src https://www.youtube.com https://airtable.com https://connect.facebook.net https://docs.google.com https://assets.braintreegateway.com http: https: 'self' https://www.youtube.com; style-src 'self' https://cdn-prod.fin.com 'unsafe-inline' https://fonts.googleapis.com http://fonts.googleapis.com blob: https://cdnjs.cloudflare.com/ajax/libs/highlight.js/; media-src 'self' blob: https://cdn-prod.fin.com https://www.fin.com https://s3.amazonaws.com/ventures.fin.assets.dev/ https://fin-blogger-assets.s3.amazonaws.com https://fin-prod-screen-recording.s3.amazonaws.com https://fin-user-content-bucket-staging.s3.amazonaws.com https://media.twiliocdn.com https://api.twilio.com; script-src 'self' https://www.fin.com https://cdn-prod.fin.com 'unsafe-eval' https://maps.googleapis.com https://www.googletagmanager.com https://*.pusher.com https://static.twilio.com https://media.twiliocdn.com https://bam.nr-data.net https://js-agent.newrelic.com https://code.jquery.com https://*.google-analytics.com https://chat-assets.frontapp.com https://connect.facebook.net https://www.googleadservices.com/ https://googleads.g.doubleclick.net https://static.airtable.com https://api.braintreegateway.com/ https://api.sandbox.braintreegateway.com/ https://js.braintreegateway.com https://cdnjs.cloudflare.com/ajax/libs/highlight.js/ https://googleads.g.doubleclick.net https://www.googleadservices.com https://s.ytimg.com https://www.youtube.com https://sdk.amazonaws.com https://js.braintreegateway.com https://chat-assets.frontapp.com 'nonce-c04885a8e532fceb9f69' 'sha256-lPjq9JlaE62rFTFUWuEkqpwmLzda+r8qFIRxt9eq1o0=' 'sha256-eWWprsZHD8q6E+4bPUhOlu80822MpT96khSRMDCjvt4=' 'sha256-g/CfH+uumZkHTwknsoFwFfsfoeA1LSltS2V9GHAzzPA=' 'sha256-HH9iID1u4Yed2rXnO9UPcaP6m9kxNDOcg4bIaHv5aMA=' 'sha256-lPjq9JlaE62rFTFUWuEkqpwmLzda+r8qFIRxt9eq1o0=' 'sha256-9UqNKuFSAZeHoO2sT6bB0DTVf6DUVsof2EiuhN2UmUE=' 'sha256-kd7Y796oAbJAz27OC2LcmxzmZUaopiPKHqDL4HJGVP0=' 'sha256-Du/5ZurzO0a2fNggmDbdGiQqvya2cPEWykryqeHiNOU='; connect-src 'self' https://www.fin.com https://cdn-prod.fin.com https://prod-spellcheck.fin.com/v2/check https://ventures.fin.assets.dev.s3.amazonaws.com/ https://cognito-identity.us-east-1.amazonaws.com https://s3.amazonaws.com/ventures.fin.assets.dev/ https://fin-blogger-assets.s3.amazonaws.com https://fin-user-content-bucket-staging.s3.amazonaws.com https://*.twilio.com wss://*.twilio.com https://media.twiliocdn.com wss://ws.pusherapp.com https://*.pusher.com https://bam.nr-data.net https://js-agent.newrelic.com https://api.rollbar.com https://www.google-analytics.com; img-src http: https: data: self: cid: https://stats.g.doubleclick.net https://www.google.com https://www.google.ca/ads https://www.google.cz/ads https://www.google.co.uk; font-src 'self' https://cdn-prod.fin.com https://fonts.gstatic.com https://fonts.googleapis.com http://fonts.googleapis.com http: https: data: https://d25purrcgqtc5w.cloudfront.net; report-uri /webhook/csp_report?control=external 1
default-src 'self'; script-src 'self' 'nonce-iju9MGQZoDUbvRcNfKcyAA==' https://www.google-analytics.com; connect-src 'self' https://*.evemarketer.com https://esi.tech.ccp.is ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://imageserver.eveonline.com https://www.google-analytics.com; font-src 'self' data: https://fonts.gstatic.com; report-uri https://report-uri.appspot.com/987196350443556864?ro=1 1
default-src https: data: 'unsafe-inline' 'unsafe-eval'; connect-src https: wss: data: blob:; font-src https: data:; img-src https: data:; media-src blob: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests; report-uri https://csp.condenet.co.uk/r/hg/prod 1
default-src 'none'; script-src 'self' 'unsafe-inline' https://www.google-analytics.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com:443; img-src 'self' data: https://spotlight.radiopublic.com:443 https://www.google-analytics.com; frame-src https://embed.radiopublic.com; font-src *; connect-src https://draper.radiopublic.com:443 https://search.radiopublic.com:443 https://api.radiopublic.com:443; report-uri https://play.radiopublic.com/csp-report 1
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self'; report-uri /ikd_img/skins/ipko/k_rcv; 1
default-src data: 'unsafe-eval' 'unsafe-inline' https:; style-src 'unsafe-inline' https:; media-src blob: https:; img-src https: data:; font-src https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; report-uri /corp_includes/report_only.php 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-TGKxf4TwRYDqB5gj6fMFdK2OAI'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://t9zbjkg1coskve1sxedpuq2e.httpschecker.net/report 1
default-src data: https: http://*.cdn.ngenix.net 'unsafe-inline' 'unsafe-eval'; report-uri https://www.b-kontur.ru/private/csp-report 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-jZ6neuguXyo1b95amBYGUcGsE'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-uV3gHXri93JwUn8Qpl3jy3d6Q4'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-RnCYYOShMxTGLTFqFUJ6li5noPw'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-wCyL5gMSDUyUH7srTRAjWB2WdA'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-YSLGwgrA9O63oMQKojVbweFzqyQ'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-EGiL2X9ghUFJwkeOhA1TMZEDxCo'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-dWqrcUi1Pzc6vxzgdD5biLdKFc0'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-t4hivvtV5FUnPYqXjswUaHxrdmA'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-SnvjZiwflmkwDtXSbC0piyY211U'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-OuvJndkT0y8Nrr4TzMBKwImm7VM'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-cRx9Pqq9zPQc3qGzMwmH4Vdz5c'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-ArEhxnsNWe5Xt1mAHw6vglOXSDM'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-3SiF7d45yTbAiA3kvrqPZNVpVug'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-4EzK4Qj6FlzNynJwlUDjsRgkxCE'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-4pHQyntv43OQVGHoubf4tn4FJUM'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src https: data: 'unsafe-inline' 'unsafe-eval' blob: wss:; report-uri https://464b711251f54c909b7a68dbb569ad3b.myssl-uri.com/api/csp-report 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-tTzeAN9DLfC5ywqdS0mciIn88C8'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self'; img-src 'self' 'unsafe-inline' data: buzznet.ru counter.yadro.ru www.google-analytics.com avatars-fast.yandex.net favicon.yandex.net an.yandex.ru mc.yandex.ru yastatic.net static.leadia.ru api.leadiacloud.com api.cloudleadia.com; script-src 'unsafe-eval' 'nonce-RAND' an.yandex.ru yandex.st yastatic.net mc.yandex.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com ajax.googleapis.com pagead2.googlesyndication.com an.yandex.ru mc.yandex.ru yandex.st form.leadiacloud.com api.leadiacloud.com api.cloudleadia.com; style-src 'unsafe-inline' 'unsafe-eval' 'nonce-RAND' yandex.st yastatic.net; frame-src 'self' googleads.g.doubleclick.net form.leadiacloud.com api.leadiacloud.com api.cloudleadia.com awaps.yandex.ru awaps.yandex.net yandexadexchange.net *.yandexadexchange.net yastatic.net *.yandex.ru; connect-src 'self' www.google-analytics.com yandex.ru an.yandex.ru strm.yandex.ru mc.yandex.ru yandex.st yastatic.net; media-src *.yandex.net yandex.st yastatic.net; report-uri http://zakonbase.ru/csp 1
default-src 'none' 1
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://* wss://* data:;                                                report-uri https://homestay.report-uri.io/r/default/csp/reportOnly 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-LfqAPdL42LLAjSBsnupCgoi0'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-482CIqL3Ls3rPuGBgNu74BP9w'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' https:; child-src 'self' https: data:; connect-src 'self' https: wss:; font-src 'self' https: data:; img-src 'self' https: data:; media-src 'self' https: data:; object-src 'self' https:; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp-report?source%5Baction%5D=index&source%5Bapp%5D=Brochure&source%5Bcontroller%5D=home&source%5Bdomain%5D=www.shopify.com.au&source%5Bsection%5D=brochure&source%5Buuid%5D=ab9106f38871bfeac901f1a7414f368f 1
script-src https://www.thehut.de https://m.thehut.de 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.thehut.de/cspReport.txt; 1
script-src https://www.myprotein.ru https://m.myprotein.ru 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/ https://mc.yandex.ru; report-uri https://www.myprotein.ru/cspReport.txt; 1
default-src 'self' 'unsafe-inline' data: https: wss:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; upgrade-insecure-requests 1
default-src 'self' *.youtube.com; frame-src 'self' https://syndication.twitter.com https://platform.twitter.com https://www.google.com/ https://player.cloud.wowza.com http://wowzaprod123-i.akamaihd.net; style-src 'self' 'unsafe-inline' https://platform.twitter.com https://ton.twimg.com https://player.cloud.wowza.com http://player.cloud.wowza.com http://player-dev.cloud.wowza.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com *.youtube.com https://platform.twitter.com https://cdn.syndication.twimg.com https://connect.facebook.net https://cdnjs.cloudflare.com https://secure.adnxs.com https://app.icontact.com https://www.gstatic.com https://www.google.com https://player.cloud.wowza.com http://player.cloud.wowza.com http://player-dev.cloud.wowza.com; img-src 'self' data: *.youtube.com http://aepcdn.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com https://platform.twitter.com https://www.facebook.com https://secure.adnxs.com https://aep-power.tsyawshost.com https://app.icontact.com http://prod-railsapp.s3.amazonaws.com; connect-src 'self' http://wowzaprod123-i.akamaihd.net https://player.cloud.wowza.com https://americanelectric2018tf.q4web.com; media-src 'self' http://wowzaprod123-i.akamaihd.net *.youtube.com blob: ; font-src 'self' data: ; 1
font-src 'self' https://*.kxcdn.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.kxcdn.com https://cdnjs.cloudflare.com https://connect.facebook.net https://googleads.g.doubleclick.net https://js.braintreegateway.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://*.kxcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com; child-src 'self' https://staticxx.facebook.com https://bid.g.doubleclick.net; img-src 'self' data: https:; report-uri /api/v0.1.0/security-report/csp; connect-src 'self' https:; object-src 'self' https://*.kxcdn.com; default-src 'self'; frame-src 'self' https://*.kxcdn.com https://assets.braintreegateway.com https://bid.g.doubleclick.net https://checkout.paypal.com https://connect.facebook.net https://staticxx.facebook.com https://www.facebook.com 1
default-src 'self'; base-uri 'none'; child-src *.wistia.com *.wistia.net *.doubleclick.net *.productboard.com; connect-src 'self' cdn.productboard.com *.segment.io *.intercomcdn.com *.typekit.net api.mixpanel.com *.wistia.com *.facebook.com *.googlesyndication.com *.google.com *.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io *.disqus.com *.facebook.net *.clearbit.com; font-src 'self' data: use.typekit.net fonts.typekit.net *.intercomcdn.com *.wistia.com wordpress.com *.wp.com; img-src * data:; media-src 'self' data: blob: *.intercomcdn.com embedwistia-a.akamaihd.net *.wistia.com cdn.productboard.com; object-src 'none'; script-src 'self' blob: cdn.productboard.com use.typekit.net *.jquery.com *.segment.com *.intercom.io *.intercomcdn.com google-analytics.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com www.google.com *.doubleclick.net connect.facebook.net *.wistia.com *.wistia.net *.hotjar.com *.disqus.com disqus.com *.twitter.com twitter.com *.heapanalytics.com *.pardot.com *.mxpnl.com *.productboard.com *.disquscdn.com *.gstatic.com *.wp.com snap.licdn.com px.ads.linkedin.com *.clearbit.com clearbitjs.com 'nonce-G0j2bvaLgJG7+7IVrhLABQ=='; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com use.typekit.net cdn.productboard.com *.disquscdn.com *.wp.com; frame-src *.youtube.com *.facebook.com youtube.com *.google.com google.com *.wistia.com wistia.com *.twitter.com twitter.com *.disqus.com disqus.com *.wistia.net wistia.net *.doubleclick.net *.facebook.net; report-uri https://app.productboard.com/csp_report; 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=bb6fb67b-cbbe-4fc9-9c83-8d71e4b9bfef&version=5c2df8046534720ddcd5a15018c359f705fa6651 1
script-src https://www.beautyexpert.com https://m.beautyexpert.com 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/ https://fp.zenaps.com; report-uri https://www.beautyexpert.com/cspReport.txt; 1
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' analyse.elaon.de 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-82kdyCrQnrQZ10KLKozpbWDiLw'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src https: 'unsafe-inline'; img-src 'self'; media-src 'self' 1
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://www.google.com https://www.gstatic.com https://www.googletagmanager.com https://www.google-analytics.com https://moneybird.disqus.com https://disqus.com https://c.disquscdn.com https://connect.facebook.net https://api.instagram.com https://maps.googleapis.com https://bat.bing.com; style-src 'self' 'unsafe-inline' https://www.gstatic.com https://c.disquscdn.com https://d3s4clg74dg0wr.cloudfront.net https://fonts.googleapis.com; img-src 'self' https://dl6oytjgv033w.cloudfront.net https://www.gstatic.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://www.facebook.com https://referrer.disqus.com https://c.disquscdn.com https://www.google.nl https://www.google.com https://scontent.cdninstagram.com https://maps.gstatic.com https://csi.gstatic.com  https://maps.googleapis.com https://bat.bing.com; object-src https://www.youtube-nocookie.com https://www.youtube.com; connect-src 'self' https://www.gstatic.com https://moneybird.com https://glitter.services.disqus.com https://homerun.co https://stats.g.doubleclick.net; frame-src https://www.google.com https://www.facebook.com https://disqus.com https://www.youtube.com  https://www.youtube-nocookie.com https://fast.wistia.net https://fast.wistia.com https://moneybird.clickwebinar.com; font-src 'self' https://fonts.googleapis.com; report-uri https://moneybird.com/csp_report 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=5ea7c803-a099-4439-bbbd-b74a3e6f018a&version=34ffb8f2235021bdf63196a35d812040b87aaecd 1
default-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval' *.adobedtm.com *.amazon-adsystem.com *.appdemostore.com *.atdmt.com *.avocet.io *.blubrry.com *.clicktale.net *.craftyclicks.co.uk *.doubleclick.net *.everesttech.net *.facebook.com *.facebook.net *.fca.org.uk *.google.co.uk *.google.com *.google.ie *.googleadservices.com *.jwpcdn.com *.liveperson.net *.linkedin.com *.lpsnmedia.net *.neolane.net *.omguk.com *.omtrdc.net *.pinimg.com *.pinterest.com *.snapchat.com *.ulsterbank.co.uk *.ulsterbank.com *.ulsterbankanytimebanking.co.uk *.userzoom.com *.youtube.com *.ytimg.com dpm.demdex.net jwpltx.com rbs.demdex.net; upgrade-insecure-requests; block-all-mixed-content; report-uri https://ulsterbankni.report-uri.com/r/t/csp/reportOnly 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-OyX9qUcUOOukBQdU9mkb1xNYE'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-zoUDlaTgxkMcRZe5xTNYwZvnAQ'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://r3kupgwaqnwprzknmxpqwvod.httpschecker.net/report 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-8eBETupc6AhBk2z6tcDN8xpPlU'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self'; img-src 'self' data: https://piwik.contactoffice.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://piwik.contactoffice.com; style-src 'self' 'unsafe-inline'; font-src 'self' data: ; form-action 'self'; frame-ancestors 'self'; report-uri https://mailbe.report-uri.com/r/d/csp/reportOnly; 1
default-src 'unsafe-eval' 'unsafe-inline' data: https:; report-uri https://sentry.mybook.tech/api/44/csp-report/?sentry_version=5&sentry_key=8600d8ebdcab4cac85a0c19f624a07ac 1
connect-src 'self' logx.optimizely.com *.optimizely.com *.maginfrastructure.com *.hotjar.com www.google-analytics.com capture.trackjs.com www.facebook.com stats.g.doubleclick.net *.holidayextras.co.uk;frame-src *.optimizely.com *.fls.doubleclick.net vars.hotjar.com www.googletagmanager.com www.facebook.com www.thetrainline.com www.google.com;img-src 'self' cdn.optimizely.com assets.live.web.maginfrastructure.com live-webadmin-media.s3.amazonaws.com test-webadmin-media.s3.amazonaws.com s3-eu-west-1.amazonaws.com www.google-analytics.com nova.collect.igodigital.com www.facebook.com usage.trackjs.com p.typekit.net mag-retail-media-live.s3.amazonaws.com bat.bing.com pixel.quantserve.com *.g.doubleclick.net t.co www.google.com www.google.co.uk *.cpx.to *.adnxs.com *.avocet.io p.travelsmarter.net;script-src 'self' 'unsafe-inline' 'unsafe-eval' data: cdn.optimizely.com https://www.googletagmanager.com www.googletagservices.com www.google-analytics.com www.google.com cdn.trackjs.com static.hotjar.com script.hotjar.com 10959453.collect.igodigital.com/collect.js cdn3.optimizely.com connect.facebook.net tag.yieldoptimizer.com use.typekit.net inpref.s3.amazonaws.com securepubads.g.doubleclick.net platform.twitter.com *.cpx.to rules.quantcount.com static.ads-twitter.com analytics.twitter.com www.gstatic.com adservice.google.co.uk adservice.google.com secure.quantserve.com bat.bing.com *.doubleclick.net www.googleadservices.com 'nonce-YmXus0mLNgAT5LqOJ0rgk6C2ZWnhdBsL';style-src 'self' 'unsafe-inline' static.tacdn.com data:; report-uri https://webevo.report-uri.com/r/d/csp/reportOnly 1
default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http://*.files.wordpress.com wss://sourcingjournal.com; report-uri https://pmcuri.report-uri.com/r/d/csp/reportOnly 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-FcfqTIAljFAOv5SKw65w7gBU2k'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-CfNztLFjnwGniILlDPj1m7p8xVk'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-BfnZa22UVykAzMM974WXuinrU8'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-rbSUOISlGp29Ln5EkWyHjhmMt8'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src * file: gap: 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; report-uri /csp/report/; default-src * gap://ready file: 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob:; connect-src * 'self'; font-src * data: 1
default-src 'none'; media-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-nWvnb+zPbQ6xxgU384pN1weZ2qA8lWwnJcUIBIvjejXMGbE2gMZNu50InB4c3w9NwLSS01Zmy2EnK2dF/557jA==' 'report-sample' 'strict-dynamic'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://cdn.jsdelivr.net/hint.css/1.3.2/hint.min.css https://optimize.google.com/optimize/editor/css/css.css; font-src 'self' https://themes.googleusercontent.com/static/fonts/ https://fonts.googleapis.com https://fonts.gstatic.com https://www.facebook.com data:; img-src * data:; frame-src data: 'self' https://*.doubleclick.net/ https://*.facebook.net/ https://www.youtube.com/ https://www.googletagmanager.com/ https://accounts.google.com/; connect-src *; object-src 'self'; child-src 'self'; report-uri https://ac82c0dc52571d815c9ba2a927354a38.report-uri.com/r/d/csp/reportOnly; 1
default-src 'self'; script-src https://static.groklearning-cdn.com 'nonce-JU463cD7rGtYScukKySU0dKg' https://groklearning.com https://mathjax.groklearning-cdn.com https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://djtflbt20bdde.cloudfront.net connect.facebook.net https://www.google-analytics.com; style-src https://static.groklearning-cdn.com 'unsafe-inline' https://mathjax.groklearning-cdn.com https://d12wqas9hcki3z.cloudfront.net https://djtflbt20bdde.cloudfront.net https://fonts.googleapis.com; img-src 'self' data: https://groklearning-cdn.com https://static.groklearning-cdn.com https://web.comp.gl www.facebook.com web.facebook.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.paypal.com https://www.paypalobjects.com d33v4339jhl8k0.cloudfront.net https://www.gravatar.com; connect-src 'self' https://groklearning-cdn.com https://static.groklearning-cdn.com wss://realtime.groklearning.com wss://terminals.groklearning.com wss://sandbox.comp.gl wss://*.sandbox.comp.gl https://preview.comp.gl https://www.google-analytics.com https://stats.g.doubleclick.net https://secure.helpscout.net https://api.ipify.org https://docs.groklearning.io; font-src https://static.groklearning-cdn.com https://fonts.gstatic.com; object-src https://djtflbt20bdde.cloudfront.net; media-src https://static.groklearning-cdn.com https://groklearning-cdn.com; frame-src 'self' https://static.groklearning-cdn.com https://web.comp.gl https://cybersecurity.comp.gl https://djtflbt20bdde.cloudfront.net staticxx.facebook.com *.sandbox.comp.gl preview.comp.gl *.preview.comp.gl; child-src 'self' https://web.comp.gl https://cybersecurity.comp.gl https://djtflbt20bdde.cloudfront.net *.facebook.com; form-action 'self' https://www.paypal.com; base-uri docs.helpscout.net; report-uri /csp/report-violation/ 1
default-src 'self'; script-src 'self' files.plugin-alliance.com www.youtube.com s.ytimg.com www.google-analytics.com connect.facebook.net analytics.twitter.com platform.twitter.com 'unsafe-inline'; style-src 'self' files.plugin-alliance.com 'unsafe-inline'; img-src 'self' data: files.plugin-alliance.com i.ytimg.com img.youtube.com yt3.ggpht.com www.google-analytics.com www.facebook.com analytics.twitter.com t.co; font-src 'self' files.plugin-alliance.com; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net; frame-src 'self' www.youtube.com embed.pivotshare.com d271ulnm1ao6ig.cloudfront.net w.soundcloud.com www.facebook.com staticxx.facebook.com; form-action 'self' plugin-alliance.us3.list-manage.com; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; referrer no-referrer-when-downgrade; report-uri https://pluginalliance.report-uri.io/r/d/csp/wizard 1
default-src http://eurojackpot.de https://eurojackpot.de http://www.eurojackpot.de https://www.eurojackpot.de http://trck.spoteffects.net https://trck.spoteffects.net http://www.youtube.com https://www.youtube.com 'unsafe-inline' 'unsafe-eval'; child-src http://eurojackpot.de https://eurojackpot.de http://www.eurojackpot.de https://www.eurojackpot.de http://m.lotto.de https://m.lotto.de http://www.lotto.de https://www.lotto.de http://miframe.lotto.de http://iframe.lotto.de https://miframe.lotto.de https://iframe.lotto.de http://www.youtube.com https://www.youtube.com http://trck.spoteffects.net https://trck.spoteffects.net; connect-src http://eurojackpot.de https://eurojackpot.de http://www.eurojackpot.de https://www.eurojackpot.de http://www.googleapis.com https://www.googleapis.com; font-src http://eurojackpot.de https://eurojackpot.de http://www.eurojackpot.de https://www.eurojackpot.de http://fonts.gstatic.com https://fonts.gstatic.com data: ; img-src http://eurojackpot.de https://eurojackpot.de http://www.eurojackpot.de https://www.eurojackpot.de http://trck.spoteffects.net https://trck.spoteffects.net data: ; report-uri /csp_to_mail.php 1
default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https: *.go-mpulse.net apis.google.com assets.adobedtm.com *.cloudfront.net nxtck.com ssl.gstatic.com ws.sessioncam.com *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com googleads.g.doubleclick.net connect.facebook.net www.googleadservices.com adtm.spreadshirts.net *.spreadshirt.nl ; img-src 'self' data: https: image.spreadshirtmedia.net image.spreadshirtmedia.net *.gstatic.com rtb-csync.smartadserver.com pixel.rubiconproject.com pixel.advertising.com dsum-sec.casalemedia.com cotads.adscale.de www.google-analytics.com eu-u.openx.net ih.adscale.de *.akstat.io www.facebook.com dsum-sec.casalemedia.com ad.yieldlab.net secure.adnxs.com mapping.nxtck.com stats.g.doubleclick.net www.google.com www.google.de cm.g.doubleclick.net ads.yahoo.com sync.ligadx.com eb2.3lift.com s.sspqns.com x.bidswitch.net image2.pubmatic.com sync.outbrain.com nxtck.com sanalytics.spreadshirt.nl *.spreadshirt.nl ; connect-src 'self' https: *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com *.go-mpulse.net *.akstat.io/ *.spreadshirt.nl ; font-src 'self' https: *.spreadshirt.nl ; style-src 'self' data: 'unsafe-inline' https: *.spreadshirt.nl ; object-src 'none' ; frame-src 'self' https: www.google.com accounts.google.com *.spreadshirt.nl ; report-uri https://sprd.report-uri.com/r/t/csp/reportOnly ; 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://gmhkfzzetwtesmqr0iqjzu54.httpschecker.net/report 1
script-src https: blob: mediastream: data: 'unsafe-inline' 'unsafe-eval' 1
script-src https://www.popinabox.us https://m.popinabox.us 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.popinabox.us/cspReport.txt; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-BTQ3y4zfVgaCGqSYrq4prNfTo'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src  'none'; script-src 'self'; media-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-nY08BIPL2MStCMbtzVkLiT7szc'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://r1jnmluhunvvnxrrsyt0y2ra.httpschecker.net/report 1
default-src 'self' https:; child-src 'self' https: data:; connect-src 'self' https: wss:; font-src 'self' https: data:; img-src 'self' https: data:; media-src 'self' https: data:; object-src 'self' https:; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp-report?source%5Baction%5D=index&source%5Bapp%5D=Brochure&source%5Bcontroller%5D=home&source%5Bdomain%5D=www.shopify.com.ph&source%5Bsection%5D=brochure&source%5Buuid%5D=b81bc014b6667ae3cc3cb97662800916 1
child-src 'self'; script-src-elem https://*.criteo.net https://*.criteo.com http://*.criteo.com http://*.criteo.net; connect-src http://*.us.criteo.com wss://*.inspectlet.com https://*.herokuapp.com http://*.facebook.com http://*.moatads.com https://*.facebook.com https://*.lkqd.net https://*.intercomcdn.com https://*.google-analytics.com https://*.g.doubleclick.net https://*.google.com https://*.stripe.com https://*.cooladata.com https://*.cloudinary.com http://*.lkqd.net https://*.moatads.com https://*.us.criteo.com https://*.crazyegg.com https://*.licdn.com https://*.springserve.net https://onesignal.com https://*.streamrail.net https://*.cmptch.com https://*.bfmio.com wss://*.intercom.io https://*.adaptv.advertising.com https://*.getsentry.com http://*.vertamedia.com https://*.googleapis.com https://*.vertamedia.com http://*.cloudinary.com https://*.springserve.com https://*.intercom.io http://*.bfmio.com https://sentry.io https://*.inspectlet.com http://*.springserve.com 'self' https://*.addthis.com data:; object-src https://*.cmptch.com 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_b712ff430c344451a7b9973dcafa5a57; font-src https://*.gstatic.com https://*.googleapis.com chrome-extension: https://*.bootstrapcdn.com https://*.joinhoney.com https://*.s3.amazonaws.com 'self' https://*.intercomcdn.com data:; media-src http://*.cloudinary.com https://*.cloudfront.net https://*.cloudinary.com 'self' https://*.intercomcdn.com data:; worker-src 'self'; script-src http://*.us.criteo.com wss://*.inspectlet.com https://*.bootstrapcdn.com https://*.criteo.com https://*.newrelic.com https://*.onesignal.com https://*.taboola.com http://*.moatads.com https://*.addthisedge.com https://*.outbrain.com https://*.vidible.tv https://*.ravenjs.com https://*.lkqd.net http://*.criteo.net https://*.criteo.net https://*.google-analytics.com https://*.googlesyndication.com https://*.intercomcdn.com https://*.bing.com 'self' https://*.g.doubleclick.net https://*.amazonaws.com http://*.vidible.tv https://*.googleadservices.com https://*.google.com https://*.bizographics.com https://*.stripe.com https://*.cooladata.com https://*.cloudinary.com http://*.lkqd.net https://*.moatads.com https://*.us.criteo.com https://*.cloudfront.net 'unsafe-inline' https://*.licdn.com 'unsafe-eval' https://*.springserve.net https://*.streamrail.com https://onesignal.com https://*.ads.linkedin.com https://*.linkedin.com https://*.cmptch.com https://*.googletagmanager.com wss://*.intercom.io https://*.quora.com https://*.addthis.com http://*.advertising.com https://*.nr-data.net https://*.facebook.net http://*.vertamedia.com https://*.googleapis.com https://*.cloudflare.com https://*.vertamedia.com http://*.cloudinary.com https://*.sentry-cdn.com https://*.intercom.io http://*.criteo.com https://*.zscalertwo.net https://*.inspectlet.com https://*.advertising.com https://*.beachfrontmedia.com data:; default-src 'self'; manifest-src 'self'; frame-src http://*.us.criteo.com https://*.matterport.com https://*.criteo.com http://*.facebook.com https://*.facebook.com http://*.criteo.net https://*.criteo.net https://*.googlesyndication.com https://*.g.doubleclick.net https://*.google.com https://*.stripe.com https://*.cloudinary.com https://*.moz.com https://*.advertising.com https://*.us.criteo.com https://*.cloudfront.net https://onesignal.com https://*.cmptch.com https://*.typeform.com http://*.advertising.com https://*.facebook.net https://*.googleapis.com http://*.cloudinary.com http://*.criteo.com https://*.s3.amazonaws.com 'self' https://*.addthis.com data:; img-src https://*.google.com.sg wss://*.inspectlet.com https://*.google.ae https://*.intercomassets.com https://*.google.pl https://*.onesignal.com https://*.google.lk https://*.taboola.com http://*.facebook.com https://*.google.com.tw https://*.facebook.com https://*.google.com.br https://*.google.com.kw https://*.google.fr https://*.joinhoney.com http://*.moatads.com https://*.outbrain.com https://*.google.ca https://*.google.co.ma https://*.vidible.tv https://*.google.com.au https://*.lkqd.net https://*.google.com.my https://*.google-analytics.com https://*.googlesyndication.com https://*.intercomcdn.com https://*.bing.com https://*.g.doubleclick.net https://*.amazonaws.com https://*.google.com.mx https://*.google.es http://*.vidible.tv https://*.google.com https://*.stripe.com https://*.google.de https://*.google.com.ua https://*.google.co.uk https://*.google.co.th https://*.cooladata.com https://*.cloudinary.com http://*.lkqd.net https://*.advertising.com https://*.moatads.com https://*.cloudfront.net https://*.gstatic.com https://*.crazyegg.com https://*.google.co.in https://*.google.nl https://*.google.com.tr https://*.springserve.net https://*.streamrail.com https://*.google.com.np https://*.cmptch.com https://*.bfmio.com https://*.googletagmanager.com https://*.quora.com https://*.google.com.vn https://*.ggpht.com http://*.advertising.com https://*.google.it https://*.google.ru https://*.googleapis.com https://*.google.com.ph https://*.google.co.il http://*.cloudinary.com https://*.springserve.com https://*.google.co.za http://*.bfmio.com https://*.google.com.eg https://*.google.gr https://*.inspectlet.com http://*.springserve.com 'self' https://*.addthis.com data:; style-src 'unsafe-inline' https://*.googleapis.com https://*.cloudflare.com https://*.amazonaws.com https://*.bootstrapcdn.com https://*.google.com https://onesignal.com https://*.cmptch.com https://*.joinhoney.com 'self' data: 1
report-uri https://sentry.io/api/86709/csp-report/?sentry_key=78def03cb6344381bfe5f31eb31822f9;base-uri 'self';font-src https://fonts.gstatic.com https://netdna.bootstrapcdn.com https://js.intercomcdn.com https://*.stripe.com https://commondatastorage.googleapis.com https://outschool.com data: blob: https://fast.wistia.com;img-src 'self' https: blob: data:;media-src data: https://www.filepicker.io https://cdn.filestackcontent.com https://*.stripe.com https://js.intercomcdn.com blob: https://embedwistia-a.akamaihd.net https://embed-ssl.wistia.com;object-src https://embedwistia-a.akamaihd.net;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.filestackapi.com https://static.opentok.com https://*.stripe.com;script-src 'self' 'unsafe-inline' https://cdn.segment.com https://*.stripe.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://www.googleadservices.com https://connect.facebook.net https://cdn.ravenjs.com https://browser.sentry-cdn.com https://www.fullstory.com https://js.intercomcdn.com https://*.intercom.io https://static.filestackapi.com https://static.opentok.com https://a.quora.com https://*.criteo.com https://*.criteo.net https://js-agent.newrelic.com https://bam.nr-data.net 'unsafe-eval' blob: https://fast.wistia.com https://fast.wistia.net https://src.litix.io;frame-src https://outschool.zoom.us https://zoom.us https://widget.intercom.io https://intercom-sheets.com https://stats.g.doubleclick.net https://bid.g.doubleclick.net https://*.stripe.com https://www.facebook.com https://connect.facebook.net https://www.youtube.com https://*.criteo.com https://*.criteo.net https://fast.wistia.com;connect-src 'self' blob: https://sentry.io https://bam.nr-data.net https://api.segment.io https://www.facebook.com https://rs.fullstory.com https://*.filestackapi.com https://cdn.filestackcontent.com https://*.intercom.io wss://*.intercom.io https://js.intercomcdn.com https://uploads.intercomcdn.com https://maps.googleapis.com https://s3.amazonaws.com https://anvil.opentok.com https://hlg.tokbox.com wss://*.tokbox.com https://*.stripe.com https://stats.g.doubleclick.net https://www.google-analytics.com https://app.getsentry.com https://embedwistia-a.akamaihd.net https://distillery.wistia.com https://embed-ssl.wistia.com https://pipedream.wistia.com https://fg8vvsvnieiv3ej16jby.litix.io;default-src blob: 'self' https://*.stripe.com 1
default-src https: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.lookers.co.uk/api/content-security-policy; report-to report-endpoint 1
default-src *.cpj.org cpj.org; script-src 'self' 'unsafe-eval' https://ws.sharethis.com wd-edge.sharethis.com www.google-analytics.com 'unsafe-inline' https://www.youtube.com https://gdata.youtube.com https://s.ytimg.com script.crazyegg.com cse.google.com www.google.com www.googleapis.com platform.twitter.com; style-src *.cpj.org cpj.org 'unsafe-inline' w.sharethis.com ws.sharethis.com cse.google.com www.google.com; frame-src *.cpj.org cpj.org content.newsbound.com player.vimeo.com https://www.kizoa.com https://player.vimeo.com seg.sharethis.com edge.sharethis.com  https://ws.sharethis.com https://www.youtube.com https://www.google.com https://w.soundcloud.com; connect-src *.cpj.org cpj.org vimeo.com https://vimeo.com; img-src https://cpj.org https://www.cpj.org *.cpj.org cpj.org i.vimeocdn.com https://i.ytimg.com https://wa2.www.unesco.org www.google-analytics.com https://api.pagepeeker.com http://free.pagepeeker.com l.sharethis.com i.creativecommons.org licensebuttons.net www.googleapis.com www.google.com clients1.google.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com 'unsafe-inline'; object-src *.cpj.org cpj.org http://cpj.org; report-uri https://cpj.org/cgi-bin/csp-collector.cgi 1
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.dwolla.com dtlilztwypawv.cloudfront.net *.googleapis.com *.gstatic.com *.googletagmanager.com *.googleads.g.doubleclick.net *.google-analytics.com *.google.com *.facebook.com *.facebook.net *.adroll.com *.adnxs.com *.googleadservices.com *.yahoo.com *.bidswitch.net *.twitter.com *.rlcdn.com *.connexity.net static.chartbeat.com *.akamai.net *.optimizely.com *.cdngc.net *.iovation.com pi.pardot.com px.ads.linkedin.com snap.licdn.com safari-extension://* chrome-extension://* *.jobscore.com hire.withgoogle.com js-agent.newrelic.com bam.nr-data.net s0.wp.com s1.wp.com stats.wp.com widget.intercom.io a.quora.com cdnjs.cloudflare.com js.intercomcdn.com siftscience.com www.linkedin.com data:; style-src 'self' 'unsafe-inline' cdn.dwolla.com fonts.googleapis.com safari-extension://* chrome-extension://*; connect-src 'self' *.optimizely.com *.intercom.io status.g.doubleclick.net api.ipify.org; report-uri /Home/CSPReport; object-src 'self' *.cdngc.net *.iovation.com cdn.dwolla.com; default-src 'self'; font-src * data:; img-src * data:; frame-src 'self' *.dwolla.com *.facebook.com *.googletagmanager.com safari-extension://* chrome-extension://* *.jobscore.com hire.withgoogle.com *.chartbeat.com platform.twitter.com 1
script-src 'self' 'unsafe-inline' 'unsafe-eval' assets.pinterest.com log.pinterest.com connect.facebook.net platform.twitter.com syndication.twitter.com tfw-current.s3.amazonaws.com www.google.com www.gstatic.com cdnjs.cloudflare.com stevenlevithan.com www.googletagmanager.com www.google-analytics.com; report-uri /nelmio/csp/report 1
default-src 'self' data: *.doubleclick.net *.adriver.ru *.google.ru *.google.com *.criteo.com *.criteo.net tags.soloway.ru vk.com top-fwz1.mail.ru *.facebook.com *.facebook.net www.googletagmanager.com www.googleadservices.com player.vimeo.com *.livetex.ru *.yandex.net *.yandex.ru kontur.ru *.kontur.ru www.google-analytics.com counter.yadro.ru fonts.gstatic.com *.s-microsoft.com 'unsafe-inline' 'unsafe-eval'; report-uri https://www.kontur-extern.ru/private/csp-report 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-sazWEA9MSZsre1Ik7j0OjzcuC8'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src https://*.scripbox.com/ 'self'; base-uri 'self'; block-all-mixed-content; child-src https://disqus.com https://*.facebook.com https://*.facebook.net https://platform.twitter.com https://www.googletagmanager.com https://player.vimeo.com https://dis.as.criteo.com https://syndication.twitter.com/ https://www.airim.co/ 'self'; connect-src https://scripbox.com/ https://*.scripbox.com/ https://api.segment.io https://*.intercom.io/ wss://*.intercom.io/ https://*.intercomcdn.com https://api.amplitude.com/ https://api.mixpanel.com https://sumo.com https://api.branch.io https://tracker.scripbox.io https://*.google.com https://performance.typekit.net https://ampcid.google.co.in https://www.google-analytics.com https://stats.g.doubleclick.net https://www.google.co.in https://widgets.ekomi.com https://s3.eu-central-1.amazonaws.com/smart-widget/ https://anugu-xeaipw6sqtfv.scripbox.com/api/nudge https://fcm.googleapis.com/fcm/connect/ scripbox.com 'self'; font-src https://use.typekit.net https://js.intercomcdn.com/ https://fonts.gstatic.com https://*.scripbox.com/ https://maxcdn.bootstrapcdn.com/ https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ https://netdna.bootstrapcdn.com/font-awesome/4.3.0/fonts/ 'self'; form-action 'self' *.scripbox.com *.facebook.com *.facebook.net *.twitter.com accounts.google.com; frame-ancestors 'none'; img-src https://*.scripbox.com/ https://dusy1lvven6c5.cloudfront.net/ https://dhkxjydftn2u5.cloudfront.net/ https://p.typekit.net/p.gif https://*.scripbox.io https://www.google-analytics.com/ https://stats.g.doubleclick.net https://trc.taboola.com https://www.facebook.com/tr/ https://www.google.com/ https://www.google.co.in https://t.co https://sumome-140a.kxcdn.com https://sumo.com https://*.disqus.com https://*.disquscdn.com https://*.googleusercontent.com https://maps.googleapis.com https://*.intercomcdn.com https://static.intercomassets.com https://q.quora.com https://*.gstatic.com https://*.facebook.com https://*.fbcdn.net https://s3.eu-central-1.amazonaws.com/smart-widget/ https://*.linkedin.com https://static.licdn.com https://i.vimeocdn.com https://w.recruiterbox.com https://dev.visualwebsiteoptimizer.com https://d1lpu0illwydyy.cloudfront.net https://sw-assets.ekomiapps.de https://sumo.b-cdn.net https://www.googletagmanager.com https://ad.doubleclick.net https://adservice.google.com https://abs.twimg.com https://ads.instabid.tech https://*.s3-ap-southeast-1.amazonaws.com data: https://secure.adnxs.com https://imp2.ads.linkedin.com/ android-webview-video-poster: 'self'; media-src https://*.scripbox.com/ https://js.intercomcdn.com/ 'self'; object-src 'self'; plugin-types application/x-shockwave-flash; script-src https://use.typekit.net https://www.googletagmanager.com https://*.scripbox.com/ https://maxcdn.bootstrapcdn.com https://www.google-analytics.com https://tracker.scripbox.io/piwik.js https://web.mxradon.com/t/Tracker.js https://cdn.segment.com https://cdn.mxpnl.com https://cdn.taboola.com/libtrc/scripboxindia-sc/tfa.js https://static.ads-twitter.com/uwt.js https://snap.licdn.com/li.lms-analytics/insight.min.js https://web.mxradon.com https://connect.facebook.net https://*.intercom.io https://d24n15hnbwhuhn.cloudfront.net https://js.intercomcdn.com https://analytics.twitter.com https://sumome-140a.kxcdn.com https://load.sumome.com/ https://cdn.branch.io https://app.link https://disqus.com https://*.disqus.com https://*.disquscdn.com https://secure.adnxs.com https://*.linkedin.com https://*.bizographics.com https://linkedin.com https://bizographics.com https://a.quora.com https://cdn.ampproject.org https://ajax.googleapis.com/ajax/libs/jquery/ https://maps.googleapis.com https://widgets.ekomi.com https://s3.eu-central-1.amazonaws.com/smart-widget/ https://cdnjs.cloudflare.com/ajax/libs/tether/ https://dev.visualwebsiteoptimizer.com https://tagmanager.google.com https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js https://sumo.b-cdn.net https://www.gstatic.com/firebasejs/4.8.1/firebase-app.js https://www.gstatic.com/firebasejs/4.8.1/firebase-messaging.js https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/ https://www.airim.co/chat https://platform.twitter.com/widgets.js 'self' 'unsafe-eval' 'nonce-OceZR94LRCpcW01nTw26izXHl3ecpxCaWmnAuL+migg='; style-src https://maxcdn.bootstrapcdn.com https://*.scripbox.com/ https://sumome-140a.kxcdn.com https://fonts.googleapis.com https://*.disqus.com https://*.disquscdn.com https://widgets.ekomi.com https://s3.eu-central-1.amazonaws.com/smart-widget/ https://w.recruiterbox.com https://tagmanager.google.com https://cdn-images.mailchimp.com/embedcode/classic-10_7.css https://sumo.b-cdn.net https://sw-assets.ekomiapps.de https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css https://use.typekit.net/rxd6tca.css https://p.typekit.net/ https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/ https://platform.twitter.com/css/moment 'self' 'unsafe-inline'; upgrade-insecure-requests; report-uri https://errors.scripbox.com/api/16/csp-report/?sentry_key=3f1bbc591c2e4851a946b2496e4a5ddf 1
default-src data: https: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.diadoc.ru/private/csp-report 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=e473d55e-8f21-46b8-a4e8-948ce1334069&version=34ffb8f2235021bdf63196a35d812040b87aaecd 1
default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https: *.go-mpulse.net apis.google.com assets.adobedtm.com *.cloudfront.net nxtck.com ssl.gstatic.com ws.sessioncam.com *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com googleads.g.doubleclick.net connect.facebook.net www.googleadservices.com adtm.spreadshirts.net *.spreadshirt.es ; img-src 'self' data: https: image.spreadshirtmedia.net image.spreadshirtmedia.net *.gstatic.com rtb-csync.smartadserver.com pixel.rubiconproject.com pixel.advertising.com dsum-sec.casalemedia.com cotads.adscale.de www.google-analytics.com eu-u.openx.net ih.adscale.de *.akstat.io www.facebook.com dsum-sec.casalemedia.com ad.yieldlab.net secure.adnxs.com mapping.nxtck.com stats.g.doubleclick.net www.google.com www.google.de cm.g.doubleclick.net ads.yahoo.com sync.ligadx.com eb2.3lift.com s.sspqns.com x.bidswitch.net image2.pubmatic.com sync.outbrain.com nxtck.com sanalytics.spreadshirt.es *.spreadshirt.es ; connect-src 'self' https: *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com *.go-mpulse.net *.akstat.io/ *.spreadshirt.es ; font-src 'self' https: *.spreadshirt.es ; style-src 'self' data: 'unsafe-inline' https: *.spreadshirt.es ; object-src 'none' ; frame-src 'self' https: www.google.com accounts.google.com *.spreadshirt.es ; report-uri https://sprd.report-uri.com/r/t/csp/reportOnly ; 1
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagservices.com https://apis.google.com https://connect.facebook.net https://www.gstatic.com https://www.google-analytics.com https://ajax.googleapis.com https://gstatic.com https://www.googletagmanager.com https://google-analytics.com https://t.womtp.com https://api.ipify.org https://maps.googleapis.com https://www.google.com *.vo.msecnd.net https://static.criteo.net https://bucket.cdnwebcloud.com https://stats.g.doubleclick.net https://static.hotjar.com https://ws.walmeric.com https://sslwidget.criteo.com https://script.hotjar.com https://pagead2.googlesyndication.com https://neural29.cdnwebcloud.com https://sb.scorecardresearch.com https://ad.doubleclick.net https://ads.profilemkt.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com gstatic.com; img-src 'self' data: *.azureedge.net https://maps.gstatic.com https://maps.googleapis.com https://csi.gstatic.com https://stats.g.doubleclick.net https://www.google-analytics.com https://www.gstatic.com https://magazine.solvia.es *.blob.core.windows.net https://plataforma-des.infosolvia.es https://cdnpcomercialsolvia.azureedge.net https://www.google.com https://www.google.es https://sb.scorecardresearch.com *.g.doubleclick.net https://www.facebook.com https://t.womtp.com https://pagead2.googlesyndication.com *.cdnwebcloud.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' https://dc.services.visualstudio.com https://in.hotjar.com *.cdnwebcloud.com; object-src 'self' https://www.google.com; frame-ancestors 'none'; form-action 'self' https://www.facebook.com; report-uri https://69b2b976c6287d70a018dda40c4a3fca.report-uri.com/r/d/csp/reportOnly 1
script-src https://www.popinabox.it https://m.popinabox.it 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.popinabox.it/cspReport.txt; 1
default-src 'self' https:; child-src 'self' https: data:; connect-src 'self' https: wss:; font-src 'self' https: data:; img-src 'self' https: data:; media-src 'self' https: data:; object-src 'self' https:; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp-report?source%5Baction%5D=index&source%5Bapp%5D=Brochure&source%5Bcontroller%5D=home&source%5Bdomain%5D=www.shopify.com.ng&source%5Bsection%5D=brochure&source%5Buuid%5D=fc35c0840bcab53c943947032a1e4398 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-dl6htCq1g5OgTvepTOtAF3d0'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-JN9D9rzGMFVaiMYIQrCQkzbwM'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https: www.booking.com *.holland.com *.bstatic.com; img-src 'self' data: https: media.leisure-group.net *.holland.com *.bstatic.com; report-uri https://sentry.io/api/238601/csp-report/?sentry_key=f3b7162ad3d04b16a96453f5260fa483; 1
default-src https: wss:; img-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; report-uri https://www.turne.com.ua/api/csp 1
report-uri https://csp.archant.co.uk/report; default-src https: 'unsafe-inline' 'unsafe-eval'; 1
default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https: *.go-mpulse.net apis.google.com assets.adobedtm.com *.cloudfront.net nxtck.com ssl.gstatic.com ws.sessioncam.com *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com googleads.g.doubleclick.net connect.facebook.net www.googleadservices.com adtm.spreadshirts.net *.spreadshirt.net ; img-src 'self' data: https: image.spreadshirtmedia.net image.spreadshirtmedia.net *.gstatic.com rtb-csync.smartadserver.com pixel.rubiconproject.com pixel.advertising.com dsum-sec.casalemedia.com cotads.adscale.de www.google-analytics.com eu-u.openx.net ih.adscale.de *.akstat.io www.facebook.com dsum-sec.casalemedia.com ad.yieldlab.net secure.adnxs.com mapping.nxtck.com stats.g.doubleclick.net www.google.com www.google.de cm.g.doubleclick.net ads.yahoo.com sync.ligadx.com eb2.3lift.com s.sspqns.com x.bidswitch.net image2.pubmatic.com sync.outbrain.com nxtck.com sanalytics.spreadshirt.net *.spreadshirt.net ; connect-src 'self' https: *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com *.go-mpulse.net *.akstat.io/ *.spreadshirt.net ; font-src 'self' https: *.spreadshirt.net ; style-src 'self' data: 'unsafe-inline' https: *.spreadshirt.net ; object-src 'none' ; frame-src 'self' https: www.google.com accounts.google.com *.spreadshirt.net ; report-uri https://sprd.report-uri.com/r/t/csp/reportOnly ; 1
default-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:;style-src https: 'unsafe-inline';connect-src https:;frame-src https:;script-src 'unsafe-eval' 'unsafe-inline' https: blob: data:;font-src https: data:;img-src https: data:;media-src https: blob:; report-uri https://collector.schibsted.io/api/v1/csp/byas/publishing/pro 1
default-src https:; report-uri https://csagroup.report-uri.com/r/d/csp/reportOnly 1
script-src https://www.zavvi.de https://m.zavvi.de 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/ https://fp.zenaps.com https://pagead2.googlesyndication.com https://securepubads.g.doubleclick.net; report-uri https://www.zavvi.de/cspReport.txt; 1
default-src 'self'; img-src 'self' https://www.comune.palermo.it// https://s.bookcdn.com/ https://www.google-analytics.com https://www.googleapis.com https://www.google.com https://clients1.google.com; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' https://widgets.booked.net https://connect.facebook.net https://cse.google.com https://www.google-analytics.com https://clients1.google.com; style-src 'self' https: 'unsafe-inline' 'unsafe-eval'; frame-src https://www.facebook.com https://staticxx.facebook.com https://youtube.com; connect-src 'self' https://www.google-analytics.com; 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://e15ope0k9hptp5zl3xrnow5a.httpschecker.net/report 1
default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: https://comments.grahamedgecombe.com https://www.google-analytics.com; connect-src 'self' https://comments.grahamedgecombe.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://www.google-analytics.com; frame-ancestors 'none'; report-uri https://gpe.report-uri.io/r/default/csp/reportOnly 1
default-src https:; connect-src https://mention-me.com https://*.mention-me.com https://*.pingdom.net https://www.google-analytics.com https://*.intercom.io wss://*.intercom.io https://js.intercomcdn.com https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://api.appcues.net wss://api.appcues.net https://google.com; font-src 'self' data: https:; frame-src 'self' https://mention-me.com https://*.mention-me.com https://www.youtube.com https://*.facebook.com https://my.appcues.com https://intercom-sheets.com https://www.google.com https://secure-stats.pingdom.com; img-src data: https:; manifest-src 'none'; object-src https://mention-me.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://tag.mention-me.com https://static.mention-me.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://rum-static.pingdom.net https://www.google-analytics.com https://stats.g.doubleclick.net https://js-agent.newrelic.com https://bam.nr-data.net https://fast.appcues.com https://d3tcta4is3p1kw.cloudfront.net https://js.hs-analytics.net https://js.hs-scripts.com https://bat.bing.com https://static.ads-twitter.com https://www.googletagmanager.com https://tagmanager.google.com https://connect.facebook.net https://analytics.twitter.com https://platform.twitter.com https://developers.kakao.com https://oss.maxcdn.com https://maxcdn.bootstrapcdn.com https://ajax.googleapis.com https://cdnjs.cloudflare.com https://www.gstatic.com https://www.google.com; style-src 'unsafe-inline' 'self' https:; report-uri https://mention-me.com/csp/report 1
block-all-mixed-content; report-uri https://us2.nimblecommerce.com/csp-violation.action 1
default-src https: 'unsafe-inline' 'unsafe-eval'; report-uri https://schrodersweb.report-uri.com/r/d/csp/enforce; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-1LgHFwPsdeBQ8OPJAw7nlRpq3s0'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-jJqEAiqTqeNtI46xUhWadxd9dQ'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-ofE58a6C9teB2QTDH4kfj3tS3BM'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-SwF47oxmvS2Wi8bgKG3j8R3xVRc'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-6PO1BMqWXZHKqFMUTPd6zj8Rwrk'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-6uVL0Q49bOrZrpZuGChJv5wmc'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-385sCih899zdGzdEWIYOnIPX7Y8'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-NggYSswgaH7YvD04pISmNK1LSc'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
style-src 'self' 'unsafe-inline' *.disquscdn.com *.google.com *.googleapis.com *.monotalk.xyz platform.twitter.com ton.twimg.com; default-src 'self' c.disquscdn.com disqus.com disqusads.com googleads.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' pagead2.googlesyndication.com www.google-analytics.com *.disqus.com c.disquscdn.com disqus.com *.googletagmanager.com *.google-analytics.com *.ampproject.org adservice.google.com tagmanager.google.com adservice.google.co.jp uh.nakanohito.jp platform.twitter.com cdn.syndication.twimg.com tagmanager.google.com googleads.g.doubleclick.net adservice.google.ca adservice.google.co.in adservice.google.co.kr adservice.google.co.th adservice.google.co.uk adservice.google.com.au adservice.google.com.br adservice.google.com.hk adservice.google.com.mm adservice.google.com.my adservice.google.com.ph adservice.google.com.sg adservice.google.com.tw adservice.google.com.vn adservice.google.de adservice.google.es adservice.google.fr cdn.mxpnl.com kitchen.juicer.cc; child-src 'self' googleads.g.doubleclick.net staticxx.facebook.com *.disqus.com kemsakurai.github.io *.ampproject.net syndication.twitter.com platform.twitter.com www.googletagmanager.com rcm-fe.amazon-adsystem.com disqus.com disqusads.com rcm-fe.amazon-adsystem.com; img-src 'self' *.disqus.com *.disquscdn.com *.googleusercontent.com *.google.com *.googledrive.comgoogledrive.com data: googledrive.com drive.google.com www.gstatic.com www.monotalk.xyz ssl.gstatic.com ir-jp.amazon-adsystem.com ssl.google-analytics.com www.google-analytics.com drive.google.com pagead2.googlesyndication.com stats.g.doubleclick.net cdn.viglink.com bcp.crwdcntrl.net drive.google.com www.googletagmanager.com; connect-src 'self' data: *.disqus.com uh0.nakanohito.jp www.google-analytics.com pagead2.googlesyndication.com syndication.twitter.com 3p.ampproject.net www.googletagmanager.com api.mixpanel.com ampcid.google.com ampcid.google.co.jp *.ampproject.net stats.g.doubleclick.net csi.gstatic.com kitchen.juicer.cc; font-src 'self' fonts.gstatic.com *.monotalk.xyz data:; object-src pagead2.googlesyndication.com; report-uri /report/ 1
script-src https://www.probikekit.jp https://m.probikekit.jp 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.probikekit.jp/cspReport.txt; 1
block-all-mixed-content; report-uri https://3wjf2nswjj.execute-api.ap-northeast-1.amazonaws.com/v1/csp-report; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-mRZxNiUYowshCNJiiWCaUh8rU'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self' https:; child-src 'self' https: data:; connect-src 'self' https: wss:; font-src 'self' https: data:; img-src 'self' https: data:; media-src 'self' https: data:; object-src 'self' https:; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp-report?source%5Baction%5D=index&source%5Bapp%5D=Brochure&source%5Bcontroller%5D=home&source%5Bdomain%5D=www.shopify.jp&source%5Bsection%5D=brochure&source%5Buuid%5D=311e673d0d9a21d0e8508d964f046199 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-I5vTfPHgAtlkfLFnTi0se6DY6pg'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://s3-ap-northeast-1.amazonaws.com https://maps.googleapis.com https://ajaxzip3.github.io blob: data: https://yubinbango.github.io https://pagead2.googlesyndication.com https://adservice.google.co.jp https://adservice.google.com https://www.google.com https://uh.nakanohito.jp https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://unpkg.com/ https://ajax.googleapis.com static.syukatsulabo.jp; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.fontawesome.com https://netdna.bootstrapcdn.com static.syukatsulabo.jp; img-src * data: https://www.google-analytics.com; font-src 'self' https://fonts.gstatic.com https://static.syukatsulabo.jp https://use.fontawesome.com https://netdna.bootstrapcdn.com https://s3-ap-northeast-1.amazonaws.com data: https://cdnjs.cloudflare.com; frame-src 'self' https://www.facebook.com https://staticxx.facebook.com https://www.googletagmanager.com https://web.facebook.com https://googleads.g.doubleclick.net https://www.google.com/recaptcha/; connect-src 'self' https://log.syukatsulabo.jp https://www.google-analytics.com https://stats.g.doubleclick.net https://api.ipify.org https://s3-ap-northeast-1.amazonaws.com https://static.syukatsulabo.jp; report-uri https://syukatsunet.report-uri.com/r/d/csp/reportOnly; upgrade-insecure-requests 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-UNy2JbIMZoUhaLdIti9IljrAA'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-UgS3uEvMoJhkhPL4x7dnmQEWoY'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-td1TIFSLdTvWhON7lDuKznEEEFI'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self' https:; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net www.facebook.com storage.googleapis.com www.googleapis.com securetoken.googleapis.com; script-src 'self' www.google-analytics.com www.gstatic.com apis.google.com connect.facebook.net www.youtube.com s.ytimg.com 'nonce-nV6L+95xLPAL7Bxn/NztBw=='; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: www.google-analytics.com www.google.co.jp www.google.com stats.g.doubleclick.net www.facebook.com loremflickr.com lorempixel.com wakka-development.storage.googleapis.com wakka-master.storage.googleapis.com wakka.storage.googleapis.com randomuser.me; font-src 'self' data:; frame-src 'self' www.facebook.com connect.facebook.net syoya-wakka.firebaseapp.com syoya-apps.firebaseapp.com www.youtube.com; report-uri https://productionwakka.report-uri.com/r/d/csp/reportOnly; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-eItmEDZPmrwm0VvPkZGpbB3X4bU'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-MUouHQeqfYvWgzTPibngLEfCh4'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
connect-src ws://*.hotjar.com https://*.sqreen.io http://*.hotjar.com wss://*.hotjar.com https://*.intercomcdn.com https://*.lever.co https://*.intercom.io https://*.segment.io https://*.hotjar.com:12443 https://*.facebook.com https://*.cloudflare.com https://sumo.com https://*.timekit.io wss://*.appcues.net https://*.sumo.com wss://*.intercom.io https://*.hotjar.com 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4; img-src https://*.googleadservices.com https://*.google-analytics.com http://*.prfct.co https://*.gstatic.com https://*.cloudfront.net https://*.b-cdn.net https://heapanalytics.com 'self' https://*.twitter.com https://*.amazonaws.com data: http://t.co https://*.intercomassets.com https://*.clearbit.com http://*.googleadservices.com http://*.adnxs.com https://*.intercomcdn.com https://*.g.doubleclick.net https://sumo.com https://*.adnxs.com https://*.facebook.com http://heapanalytics.com https://*.prfct.co https://*.sqreen.io http://*.google-analytics.com https://*.google.com https://*.google.fr http://*.g.doubleclick.net https://t.co https://*.sumo.com; default-src 'self'; font-src https://*.intercomcdn.com https://*.gstatic.com data: 'self'; media-src https://*.intercomcdn.com 'self'; script-src https://*.ads-twitter.com https://*.googleadservices.com https://*.google-analytics.com http://*.prfct.co https://*.b-cdn.net https://*.facebook.net https://*.typeform.com http://*.facebook.net https://*.heapanalytics.com 'self' https://*.twitter.com data: https://*.cloudflare.com http://*.heapanalytics.com http://*.ads-twitter.com https://*.hotjar.com 'unsafe-inline' ws://*.hotjar.com http://*.googleadservices.com http://*.hotjar.com http://*.getdrip.com https://*.appcues.com https://*.googletagmanager.com https://*.jquery.com https://*.intercomcdn.com https://*.licdn.com http://*.perfectaudience.com https://*.segment.com 'unsafe-eval' wss://*.intercom.io https://*.timekit.io http://*.appcues.com https://*.prfct.co wss://*.hotjar.com https://*.getdrip.com http://*.google-analytics.com https://*.perfectaudience.com http://*.segment.com http://*.googletagmanager.com https://*.intercom.io https://*.sumo.com; style-src 'unsafe-inline' https://*.googleapis.com https://*.appcues.com https://*.b-cdn.net http://*.appcues.com 'self'; manifest-src 'self'; object-src 'self'; script-src-elem https://*.licdn.com http://*.getdrip.com https://*.getdrip.com https://*.b-cdn.net https://*.cloudflare.com https://*.sumo.com; style-src-elem https://*.b-cdn.net; worker-src 'self'; child-src 'self'; frame-src ws://*.hotjar.com http://*.hotjar.com wss://*.hotjar.com https://*.appcues.com https://*.g.doubleclick.net https://*.amazonaws.com https://*.typeform.com https://*.hotjar.com http://*.g.doubleclick.net http://*.appcues.com 'self' 1
script-src 'self' https://vk.com chrome-extension: https://api-maps.yandex.ru https://www.googletagmanager.com https://gosbar.gosuslugi.ru https://cdn.onesignal.com 'unsafe-eval' 'unsafe-inline' 'unsafe-inline' https://mc.yandex.ru http://127.0.0.1:5005 https://www.google-analytics.com https://onesignal.com 127.0.0.1:8182 127.0.0.1:8888 127.0.0.1:5005; frame-src 'self' https://onesignal.com chrome-extension:; object-src 'self'; report-uri /cspreportonly; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-K7NH7TbjyzOvV2qIr6B9bK1Id8'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com ; script-src 'unsafe-inline' https: http: 'unsafe-eval' https://www.gstatic.com ; report-uri /csp-violation/ 1
script-src 'self' https://*.cp-static.com 'unsafe-inline' 'unsafe-eval' https://www.centralpoint.nl https://www.centralpoint.be https://platform.twitter.com https://robincontentdesktop.blob.core.windows.net https://*.google.com https://*.googleapis.com https://*.googleadservices.com https://*.google-analytics.com https://*.googletagmanager.com https://app.yieldify.com https://c779844.ssl.cf2.rackcdn.com https://www.ipmarketing.nl https://www.leadlabs.nl https://cdn.autheos.com https://s2.cdnplanet.com https://bat.bing.com https://cisco-commerce.merrick.nl https://ezbuy.houston.hp.com https://h41213.www4.hp.com https://cts-secure.channelintelligence.com https://pt1.beslist.nl https://*.facebook.net https://dev.visualwebsiteoptimizer.com https://az416426.vo.msecnd.net https://consent.cookiebot.com https://api.autheos.com https://js-agent.newrelic.com https://bam.nr-data.net https://nl.startech.com https://bam.nr-data.net https://cdnjs.cloudflare.com https://js-agent.newrelic.com https://nl.startech.com https://pixel.mathtag.com https://s7.addthis.com https://secure.adnxs.com https://*.gstatic.com https://*.linkedin.com https://*.youtube.com https://js-agent.newrelic.com https://s7.addthis.com https://sgcdn.startech.com https://tagmanager.google.com https://www.googletagmanager.com https://sjs.bizographics.com https://snap.licdn.com https://googleads.g.doubleclick.net https://static.hotjar.com https://script.hotjar.com; style-src 'self' https://*.cp-static.com 'unsafe-inline' 'unsafe-eval' data: https://www.centralpoint.nl https://www.centralpoint.be https://robincontentdesktop.blob.core.windows.net https://*.googleapis.com https://*.twitter.com https://tagmanager.google.com https://fonts.googleapis.com; font-src 'self' https://*.cp-static.com https://www.centralpoint.nl https://www.centralpoint.be data: https://*.gstatic.com; img-src 'self' https://*.cp-static.com 'unsafe-inline' 'unsafe-eval' data: https://www.centralpoint.nl https://www.centralpoint.be https://*.googleapis.com https://*.gstatic.com https://*.google-analytics.com https://*.google.com https://*.googletagmanager.com https://*.twitter.com https://robincontentdesktop.blob.core.windows.net https://bat.bing.com https://dev.visualwebsiteoptimizer.com https://ext.ligatus.com https://ad.doubleclick.net https://ds1.nl https://gethatch.com https://pixel.mathtag.com https://secure.adnxs.com https://sgcdn.startech.com https://*.linkedin.com https://zijn.samenresultaat.nl https://ssl.gstatic.com; frame-ancestors 'self' https://www.centralpoint.nl https://www.centralpoint.be http://hag-sappoh1.aoc.eu http://hag-sappop1.aoc.eu; report-uri https://www.centralpoint.nl/csp-report/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImtpZCI6OH0.eyJleHAiOjE1NDQzMjI5MTcsImlhdCI6MTU0NDMyMjkwNywibmJmIjoxNTQ0MzIyOTA3fQ.b1CH9BXyNvLa3b8d50UM0n6T9XKUUQ5qEAlU679_6io 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=c918dc57-7ca5-40f7-8b23-6f729de3ecd2&version=f767f246425966302215d0f72207a5c75609bbc0 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-EwmWtnFGo2eEQnmKhDJN8bkzGEg'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https: *.go-mpulse.net apis.google.com assets.adobedtm.com *.cloudfront.net nxtck.com ssl.gstatic.com ws.sessioncam.com *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com googleads.g.doubleclick.net connect.facebook.net www.googleadservices.com adtm.spreadshirts.net *.spreadshirt.ch ; img-src 'self' data: https: image.spreadshirtmedia.net image.spreadshirtmedia.net *.gstatic.com rtb-csync.smartadserver.com pixel.rubiconproject.com pixel.advertising.com dsum-sec.casalemedia.com cotads.adscale.de www.google-analytics.com eu-u.openx.net ih.adscale.de *.akstat.io www.facebook.com dsum-sec.casalemedia.com ad.yieldlab.net secure.adnxs.com mapping.nxtck.com stats.g.doubleclick.net www.google.com www.google.de cm.g.doubleclick.net ads.yahoo.com sync.ligadx.com eb2.3lift.com s.sspqns.com x.bidswitch.net image2.pubmatic.com sync.outbrain.com nxtck.com sanalytics.spreadshirt.ch *.spreadshirt.ch ; connect-src 'self' https: *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com *.go-mpulse.net *.akstat.io/ *.spreadshirt.ch ; font-src 'self' https: *.spreadshirt.ch ; style-src 'self' data: 'unsafe-inline' https: *.spreadshirt.ch ; object-src 'none' ; frame-src 'self' https: www.google.com accounts.google.com *.spreadshirt.ch ; report-uri https://sprd.report-uri.com/r/t/csp/reportOnly ; 1
default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https: data: blob:; style-src 'unsafe-inline' https:; report-uri https://www.versicherungspartnerprogramm.de/csp-violation-ezmd9dpdxv7nb0ecejb9/ 1
default-src 'self' about: http: https: wss: *.typekit.net *.googletagmanager.com *.vimeo.com *.google-analytics.com js-agent.newrelic.com bam.nr-data.net  fonts.googleapis.com *.hpjcc.com  *.googleapis.com fonts.gstatic.com *.addthis.com www.googleadservices.com *.google.com *.agencehpj.com *.godaddy.com  *.pusher.com *.atedra.com *.comodo.com 'unsafe-eval' 'self' 'unsafe-inline' data: about: ; report-uri https://bb8.agencehpj.com/csp 1
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-AgJmK9tIh3Qi5FWNuUrK5JY1v4o'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' media.secure-mobiles.com facebook.com google.com drs2.veinteractive.com in.hotjar.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' www.googletagmanager.com www.google-analytics.com www.googleadservices.com media.secure-mobiles.com googleads.g.doubleclick.net accdn.lpsnmedia.net smct.co beacon.krxd.net cdn.api.twitter.com connect.facebook.net consumer.krxd.net fp.zenaps.com lo.v.liveperson.net lpcdn.lpsnmedia.net lptag.liveperson.net media.secure-mobiles.com script.hotjar.com static.hotjar.com tagconv.com www.everestjs.net www.hotukdeals.com www.zenaps.com stats.g.doubleclick.net mpsnare.iesnare.com www.dwin1.com *.veinteractive.com *.googleapis.com *.google.com *.bing.com *.krxd.net *.cloudfront.net *.reevoo.com *.facebook.net *.hotjar.com *.visualwebsiteoptimizer.com; style-src 'self' 'unsafe-inline' www.google-analytics.com www.googleadservices.com media.secure-mobiles.com cdn.mark.reevoo.com fonts.googleapis.com mark.reevoo.com translate.googleapis.com; frame-src 'self' vars.hotjar.com cdn.krxd.net edigitalsurvey.com connect.facebook.net lpcdn.lpsnmedia.net pixel.everesttech.net server.lon.liveperson.net settings.idmobile.co.uk smct.co vars.hotjar.com www.everestjs.net www.facebook.com www.googletagmanager.com www.three.co.uk www.zenaps.com *.veinteractive.com *.fls.doubleclick.net mark.reevoo.com; font-src 'self' data: cdn.mark.reevoo.com fonts.gstatic.com; img-src 'self' data: www.google-analytics.com *.bing.com media.secure-mobiles.com *.visualwebsiteoptimizer.com *.facebook.com *.google.com *.google.co.uk www.googletagmanager.com *.bing.com stats.g.doubleclick.net lpcdn.lpsnmedia.net apiservices.krxd.net beacon.krxd.net cdn.mark.reevoo.com cdn.smct.co cm.everesttech.net cm.g.doubleclick.net drs2.veinteractive.com dsum-sec.casalemedia.com googleads.g.doubleclick.net images.reevoo.com maps.googleapis.com media.secure-mobiles.com pixel.everesttech.net skynet.reevoo.com smct.co translate.googleapis.com www.awin1.com www.facebook.com www.google.co.uk www.gstatic.com www.zenaps.com mark.reevoo.com; connect-src 'self' beacon.krxd.net cdn.api.twitter.com clients6.google.com cookiee1.veinteractive.com drs2.veinteractive.com fp.zenaps.com graph.facebook.com in.hotjar.com jslog.krxd.net smct.co stats.g.doubleclick.net www.facebook.com www.google-analytics.com appsapi.veinteractive.com; report-uri https://cpwonlinesolutions.report-uri.com/r/d/csp/reportOnly; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-ncYAp46AhTlmaDn7bUFxax5imk'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src https:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data:; media-src https:;  object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; report-uri /app/api/cspViolation; 1
default-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:;style-src https: 'unsafe-inline';connect-src https:;frame-src https:;script-src 'unsafe-eval' 'unsafe-inline' https: blob: data:;font-src https: data:;img-src https: data:;media-src https: blob:; report-uri https://collector.schibsted.io/api/v1/csp/bygdanytt/publishing/pro 1
default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https: data: blob:; style-src 'unsafe-inline' https:; report-uri https://www.check24-partnerprogramm.de/csp-violation-ezmd9dpdxv7nb0ecejb9/ 1
default-src 'none'; 'unsafe-inline' 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-mwitJnv0sHoKr2C4Jh7Eta0RFo'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self' *.carrierenterprise.com *.olark.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' *.google-analytics.com *.googletagmanager.com *.googleapis.com *.googleadservices.com googleads.g.doubleclick.net p.bm23.com *.salesforceliveagent.com *.authorize.net *.cdn.getfeedback.com connect.facebook.net cdn.brcdn.com f.vimeocdn.com *.newrelic.com *.nr-data.net *.olark.com bpb.opendns.com www.wufoo.com secure.wufoo.com; style-src 'self' 'unsafe-inline' 'report-sample' *.authorize.net f.vimeocdn.com fonts.googleapis.com *.olark.com; font-src 'self' data: fonts.gstatic.com *.authorize.net; img-src 'self' data: *.carrierenterprise.com *.google.com *.google.ae *.google.ca *.google.cl *.google.dk *.google.es *.google.hn *.google.iq *.google.it *.google.lk *.google.mu *.google.nl *.google.ro *.google.rw *.google.sr *.google.tt *.google.co.in *.google.co.jp *.google.co.ke *.google.co.th *.google.co.ve *.google.co.vi *.google.co.za *.google.com.bh *.google.com.co *.google.com.ec *.google.com.eg *.google.com.gt *.google.com.kw *.google.com.lb *.google.com.mx *.google.com.ni *.google.com.om *.google.com.pa *.google.com.pe *.google.com.ph *.google.com.pk *.google.com.pr *.google.com.sa *.google.com.sg *.google.com.sv *.google.com.tr *.googletagmanager.com *.googleapis.com *.gstatic.com *.google-analytics.com *.g.doubleclick.net *.authorize.net www.facebook.com app.bm23.com p.brsrvr.com *.nr-data.net i.vimeocdn.com widgets.magentocommerce.com *.olark.com bookeo.com; frame-src 'self' 'report-sample' *.carrierenterprise.com *.googletagmanager.com www.google.com *.g.doubleclick.net *.authorize.net api.pmqzads.com www.facebook.com connect.facebook.net player.vimeo.com www.youtube.com www.getfeedback.com *.olark.com carrierenterprise.wufoo.com cenortheast.wufoo.com cmmux.wufoo.com *.bookeo.com; form-action 'self' 'report-sample' *.carrierenterprise.com www.carrierenterprise.ca www.cehvac.com www.homans.com *.authorize.net:443 www.facebook.com connect.facebook.net; connect-src 'self' *.carrierenterprise.com *.google-analytics.com translate.googleapis.com *.g.doubleclick.net *.authorize.net fresnel.vimeocdn.com www.facebook.com *.nr-data.net *.brsrvr.com *.olark.com; block-all-mixed-content; report-uri https://carrierenterprise.report-uri.com/r/t/csp/reportOnly 1
default-src 'self' https:; child-src 'self' https: data:; connect-src 'self' https: wss:; font-src 'self' https: data:; img-src 'self' https: data:; media-src 'self' https: data:; object-src 'self' https:; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp-report?source%5Baction%5D=index&source%5Bapp%5D=Brochure&source%5Bcontroller%5D=home&source%5Bdomain%5D=www.shopify.com.mx&source%5Bsection%5D=brochure&source%5Buuid%5D=f72eec7d5bd763aa59d310e8d2ca2b20 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://5rcgroesvlvlu1myft3pccni.httpschecker.net/report 1
default-src 'none'; base-uri 'self'; font-src 'self' maxcdn.bootstrapcdn.com cdn.jsdelivr.net fonts.gstatic.com js.intercomcdn.com data: magnetis-herokuapp-com.global.ssl.fastly.net st.getsitecontrol.com use.fontawesome.com; img-src 'self' data: cdn.jsdelivr.net t.co www.google-analytics.com magnetis-herokuapp-com.global.ssl.fastly.net magnetis-staging-herokuapp-com.global.ssl.fastly.net *.outbrain.com *.doubleclick.net www.google.com www.google.com.br track.hubspot.com *.intercom.io *.intercomcdn.com www.googletagmanager.com www.facebook.com secure.adnxs.com media.getsitecontrol.com static.intercomassets.com static.intercom-mail-300.com intercom.help app.getsitecontrol.com *.cloudfront.net analyticspage.tools googleads.g.doubleclick.net *.gstatic.com stats.g.doubleclick.net www.googleadservices.com *.hubspot.net; object-src 'self'; script-src 'self' 'unsafe-eval' js-agent.newrelic.com bam.nr-data.net magnetis-herokuapp-com.global.ssl.fastly.net tagmanager.google.com d2dq2ahtl5zl1z.cloudfront.net static.ads-twitter.com cdn.aircall.io amplify.outbrain.com *.hotjar.com js.hs-analytics.net www.googletagmanager.com www.google-analytics.com *.getsitecontrol.com *.intercom.io js.hs-scripts.com js.usemessages.com js.intercomcdn.com *.zanox.com analytics.twitter.com *.wootric.com cdnjs.cloudflare.com connect.facebook.net www.googleadservices.com www.facebook.com voxus-targeting-voxusmidia.netdna-ssl.com static.sback.tech poscompra.shopconvert.com.br static.shopback.net viacep.com.br 'nonce-85TKwknZduSZoFHHLjlUgg=='; style-src 'self' https: cdn.jsdelivr.net fonts.googleapis.com 'unsafe-inline'; connect-src 'self' internal.aircall.io api.segment.io api.hubspot.com *.hotjar.com *.intercom.io wss://*.intercom.io wss://*.hotjar.com *.airbrake.io www.google-analytics.com future-value-simulator.herokuapp.com app.getsitecontrol.com ads.adaptv.advertising.com ajax.googleapis.com analyticspage.tools api.ipify.org api.shopback.net api.voxus.tv bpb.opendns.com click.retargeter.com.br code.jquery.com front.shopconvert.com.br front.shoptarget.com.br *.intercomcdn.com production.wootric.com *.doubleclick.net targeting-version-voxusmidia.netdna-ssl.com wootric-eligibility.herokuapp.com www.facebook.com d8myem934l1zi.cloudfront.net amplify.outbrain.com api.zanox.com br.api4load.com bugdepromo.com cdn.aircall.io cdn.jsdelivr.net cdn.wootric.com ckies.net connect.facebook.net d2dq2ahtl5zl1z.cloudfront.net fonts.googleapis.com fonts.gstatic.com gj.track.uc.cn gjtrack.ucweb.com js.hs-analytics.net magnetis-herokuapp-com.global.ssl.fastly.net future-value-simulator-staging.herokuapp.com maxcdn.bootstrapcdn.com static.ads-twitter.com static.zanox.com targeting.voxus.tv voxus-targeting-voxusmidia.netdna-ssl.com *.hotjar.com www.googleadservices.com www.googletagmanager.com www.youtube.com *.loggly.com; child-src 'self' www.youtube.com vars.hotjar.com/ *.doubleclick.net/ api-iam.intercom.io targeting.voxus.tv www.facebook.com  connect.facebook.net www.googletagmanager.com; frame-src 'self' intercom-sheets.com connect.facebook.net targeting.voxus.tv www.facebook.com www.googletagmanager.com www.youtube.com vars.hotjar.com *.doubleclick.net; form-action 'self' connect.facebook.net intercom.help www.facebook.com api-iam.intercom.io; frame-ancestors 'self'; manifest-src 'self'; media-src 'self' js.intercomcdn.com; report-uri https://magnetis.report-uri.com/r/d/csp/enforce 1
script-src https://www.mankind.co.uk https://m.mankind.co.uk 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.mankind.co.uk/cspReport.txt; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-5eOIWNmGFtIkKuCdIZMbS35Nm4'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://k0veladypjvf5jvxtm2xjtas.httpschecker.net/report 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-JHytiFTg39dL6gWuO8d3x9bD5c'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-1Od8DfdfW0cOdazMW080AvDffXw'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:; worker-src https: data: blob:; font-src https: data:; report-uri https://psi.pixum.com/?ns=content-security-policy&service=base&module=status&action=log&sessionId=ce42ad4508f7a1a40f442c68289e09ae3640ebdc 1
connect-src 'self' logx.optimizely.com *.optimizely.com *.maginfrastructure.com *.hotjar.com www.google-analytics.com capture.trackjs.com www.facebook.com stats.g.doubleclick.net *.holidayextras.co.uk;frame-src *.optimizely.com *.fls.doubleclick.net vars.hotjar.com www.googletagmanager.com www.facebook.com www.thetrainline.com www.google.com;img-src 'self' cdn.optimizely.com assets.live.web.maginfrastructure.com live-webadmin-media.s3.amazonaws.com test-webadmin-media.s3.amazonaws.com s3-eu-west-1.amazonaws.com www.google-analytics.com nova.collect.igodigital.com www.facebook.com usage.trackjs.com p.typekit.net mag-retail-media-live.s3.amazonaws.com bat.bing.com pixel.quantserve.com *.g.doubleclick.net t.co www.google.com www.google.co.uk *.cpx.to *.adnxs.com *.avocet.io p.travelsmarter.net;script-src 'self' 'unsafe-inline' 'unsafe-eval' data: cdn.optimizely.com https://www.googletagmanager.com www.googletagservices.com www.google-analytics.com www.google.com cdn.trackjs.com static.hotjar.com script.hotjar.com 10959453.collect.igodigital.com/collect.js cdn3.optimizely.com connect.facebook.net tag.yieldoptimizer.com use.typekit.net inpref.s3.amazonaws.com securepubads.g.doubleclick.net platform.twitter.com *.cpx.to rules.quantcount.com static.ads-twitter.com analytics.twitter.com www.gstatic.com adservice.google.co.uk adservice.google.com secure.quantserve.com bat.bing.com *.doubleclick.net www.googleadservices.com 'nonce-uBB17VY39n87pSd0HjX7GfR94OFmg3CE';style-src 'self' 'unsafe-inline' static.tacdn.com data:; report-uri https://webevo.report-uri.com/r/d/csp/reportOnly 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-ZuNI4fxEYLn5tMIWi3RzKJ9u6d0'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-PUvKX3736JMLsmp1JZhGs92Dc'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: s.ytimg.com siteimproveanalytics.com us4.siteimprove.com *.google-analytics.com *.google.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.youtube.com 1
script-src https://www.sowaswillichauch.de https://m.sowaswillichauch.de 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.sowaswillichauch.de/cspReport.txt; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-IjBj754oEWjbrIwDdpuKiMQArVc'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-ESo1sevHWqfQgCHGdlTmdAoXIOU'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-DXrtcopwE1l9uPqIR55nMuv2ZeY'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https: *.go-mpulse.net apis.google.com assets.adobedtm.com *.cloudfront.net nxtck.com ssl.gstatic.com ws.sessioncam.com *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com googleads.g.doubleclick.net connect.facebook.net www.googleadservices.com adtm.spreadshirts.net *.spreadshirt.ca ; img-src 'self' data: https: image.spreadshirtmedia.net image.spreadshirtmedia.net *.gstatic.com rtb-csync.smartadserver.com pixel.rubiconproject.com pixel.advertising.com dsum-sec.casalemedia.com cotads.adscale.de www.google-analytics.com eu-u.openx.net ih.adscale.de *.akstat.io www.facebook.com dsum-sec.casalemedia.com ad.yieldlab.net secure.adnxs.com mapping.nxtck.com stats.g.doubleclick.net www.google.com www.google.de cm.g.doubleclick.net ads.yahoo.com sync.ligadx.com eb2.3lift.com s.sspqns.com x.bidswitch.net image2.pubmatic.com sync.outbrain.com nxtck.com sanalytics.spreadshirt.ca *.spreadshirt.ca ; connect-src 'self' https: *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com *.go-mpulse.net *.akstat.io/ *.spreadshirt.ca ; font-src 'self' https: *.spreadshirt.ca ; style-src 'self' data: 'unsafe-inline' https: *.spreadshirt.ca ; object-src 'none' ; frame-src 'self' https: www.google.com accounts.google.com *.spreadshirt.ca ; report-uri https://sprd.report-uri.com/r/t/csp/reportOnly ; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-QvhX1TKjDFPuyzhT68ci4ivtEGg'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self' ws.colissimo.fr maps.google.fr www.google.com; img-src 'self' ws.colissimo.fr data: https:; script-src 'self' 'unsafe-inline' www.google-analytics.com www.googletagmanager.com ws.colissimo.fr https://apis.google.com https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com; frame-ancestors 'self' ws.colissimo.fr maps.google.fr; object-src 'none'; connect-src 'self' www.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net; report-uri /lpdp_cspreport.php 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-hOpU4PcEBtU1R2vSfGPD6dnRVg'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self';style-src 'self' 'unsafe-inline' *.googleapis.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' data: connect.facebook.net www.google-analytics.com www.paypal.com www.paypalobjects.com;img-src 'self' www.paypal.com t.paypal.com www.facebook.com;font-src *.gstatic.com;frame-src *.facebook.com;connect-src 'self' www.facebook.com 1
default-src https: 'unsafe-inline' 'unsafe-eval' data: about: blob:; report-uri /_resources/php/csp-report.php 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://rvrptqdzj5v5h5dxva2l1qk1.httpschecker.net/report 1
default-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: *.typekit.net *.episerver.net zefzhat.appspot.com www.googletagmanager.com *.hotjar.com *.google-analytics.com code.jquery.com ajax.googleapis.com az416426.vo.msecnd.net dc.services.visualstudio.com netdna.bootstrapcdn.com storage.googleapis.com *.upm.com go.upmpaper.com pi.pardot.com syndication.twitter.com sjs.bizographics.com connect.facebook.net stats.livezhat.com *.ads.linkedin.com www.linkedin.com s.ytimg.com maps.googleapis.com api.siteattention.com www.googleadservices.com cdn.syndication.twimg.com flockler.com embed-cdn.flockler.com static.flockler.com fl-cdn.scdn1.secure.raxcdn.com cdn.datatables.net snap.licdn.com www.youtube.com gateway.zscloud.net viewer.blipstar.com translate.googleapis.com static.handpickedcherries.com maxcdn.bootstrapcdn.com rules.quantcount.com secure.quantserve.com apps.myzef.com tools.eurolandir.com; font-src 'self' data: use.typekit.net *.typekit.net fonts.gstatic.com fonts.googleapis.com storage.googleapis.com netdna.bootstrapcdn.com i.s-microsoft.com upmapi.portal.azure-api.net *.hotjar.com css.zohostatic.com cdnjs.cloudflare.com; img-src 'self' data: blob: about: *.typekit.net livezhat.zef.fi *.hotjar.com www.google-analytics.com *.upm.com www.upmbiofore.fi pbs.twimg.com secure.adnxs.com www.upmbiofore.com www.upmspecialtypapers.com stats.g.doubleclick.net googleads.g.doubleclick.net www.google.com www.google.fi www.google.dk maps.googleapis.com maps.gstatic.com www.gstatic.com www.facebook.com static.flockler.com flockler.com hm.baidu.com img.youtube.com translate.google.com cdn.datatables.net s3.amazonaws.com www.googletagmanager.com translate.googleapis.com hugin.info graph.facebook.com scontent.xx.fbcdn.net pixel.quantserve.com commondatastorage.googleapis.com i.ytimg.com dl.episerver.net; connect-src 'self' *.hotjar.com www.upmbiofore.com dc.services.visualstudio.com performance.typekit.net api.siteattention.com www.google-analytics.com uutiskirje.upmmetsa.fi stats.g.doubleclick.net upm-prod.taiste.fi *.upm.com translate.googleapis.com hm.baidu.com api.mapbox.com a.tiles.mapbox.com b.tiles.mapbox.com wss://*.hotjar.com wss://www.upm.com; style-src 'self' 'unsafe-inline' *.upm.com livezhat.zef.fi netdna.bootstrapcdn.com static.flockler.com fonts.googleapis.com maxcdn.bootstrapcdn.com translate.googleapis.com cdnjs.cloudflare.com dl.episerver.net; frame-src 'self' data: *.doubleclick.net www.facebook.com connect.facebook.net *.upm.com www.google.com go.upmpaper.com player.youku.com go.pardot.com www.youtube.com *.hotjar.com www.ciuvo.com www.googletagmanager.com viewer.blipstar.com apps.myzef.com gamma.euroland.com; report-uri https://upmdcrep.report-uri.com/r/d/csp/reportOnly 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-KVORPoBUgUqxerDMYjaTeJMfE'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src https://d22739b8qd5enr.cloudfront.net https://a.okfn.org https://js-agent.newrelic.com https://www.google-analytics.com https://use.typekit.net https://bam.nr-data.net 'unsafe-inline' 'self'; default-src 'none'; img-src https://d22739b8qd5enr.cloudfront.net https://a.okfn.org data: https://gravatar.com https://1.gravatar.com https://2.gravatar.com https://secure.gravatar.com https://p.typekit.net https://ping.typekit.net https://www.google-analytics.com; style-src https://d22739b8qd5enr.cloudfront.net https://a.okfn.org 'unsafe-inline' https://use.typekit.net; font-src https://d22739b8qd5enr.cloudfront.net https://a.okfn.org data: https://use.typekit.net https://themes.googleusercontent.com; report-uri https://report-uri.io/report/3b3ae25e9e4ccf5f28ea8bef8e70fc63/reportOnly 1
connect-src https://*.facebook.com https://*.hotjar.com 'self' https://*.googleapis.com https://*.mixpanel.com https://*.cloudflare.com wss://*.hotjar.com; frame-src https://*.facebook.com https://*.hotjar.com https://*.google.com 'self' https://*.g.doubleclick.net https://*.driftt.com http://*.google.com https://*.cloudfront.net wss://*.hotjar.com; script-src https://*.facebook.com https://*.hotjar.com https://*.google.com 'self' 'unsafe-eval' https://*.ausgezeichnet.org https://*.google-analytics.com https://*.nr-data.net https://*.googleapis.com 'unsafe-inline' https://*.newrelic.com https://*.driftt.com http://*.google.com https://*.cloudflare.com https://*.mxpnl.com https://*.cloudfront.net wss://*.hotjar.com https://unpkg.com; worker-src 'self'; manifest-src 'self'; font-src https://*.gstatic.com 'self' https://unpkg.com; default-src *.ravenjs.com 'self'; style-src https://*.google.com 'self' https://*.googleapis.com 'unsafe-inline' http://*.google.com https://*.cloudflare.com https://*.cloudfront.net https://unpkg.com; object-src https://*.cloudfront.net 'self'; img-src https://*.facebook.com https://*.google.com 'self' https://*.google-analytics.com https://*.ausgezeichnet.org https://*.googleapis.com https://*.g.doubleclick.net http://*.google.com https://*.gstatic.com https://*.cloudfront.net; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_e1d179bd309a456abc36313a51dfc009; child-src 'self'; media-src 'self' 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-VWE5iNjIVjYeoh7MhWsW4BN9ItM'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self' *.localphone.com *.localphone.co.uk https://*.tawk.to wss://*.tawk.to; img-src * data: ; child-src *; frame-src *; script-src 'self' 'unsafe-inline' *.localphone.com https://*.google.com https://ajax.googleapis.com http://www.google-analytics.com https://*.gstatic.com https://*.g.doubleclick.net https://www.googleadservices.com https://www.facebook.com https://*.tawk.to https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' *.localphone.com https://*.googleapis.com https://cdn.jsdelivr.net; font-src 'self' data: fonts.gstatic.com https://*.tawk.to https://sxt.cdn.skype.com; connect-src 'self' *.localphone.com https://*.tawk.to wss://*.tawk.to; report-uri https://localphone.report-uri.io/r/default/csp/reportOnly 1
script-src https://www.popinabox.co.uk https://m.popinabox.co.uk 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.popinabox.co.uk/cspReport.txt; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-D6OquQJmFIcLPoLhEgLTkGt5W4'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-qTqDT41e5DyA4HaQcKFc5Ycnq5o'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-LpnZB20MlUXszfUrUiQAz86Rp3U'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
frame-ancestors https://www.stgkk.at http://www.sozialversicherung.at https://www.sozialversicherung.gv.at; frame-src https://www.stgkk.at http://www.sozialversicherung.at https://www.sozialversicherung.gv.at https://sso.sozialversicherung.at; report-uri https://www.sozialversicherung.at/cds_csp/ 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-n0wVrkhp9P1TPVzTFCVo13HZl5w'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src https: blob: wss://*.zopim.com 'unsafe-inline' 'unsafe-eval' wss://*.flightcentre.co.za:*; frame-ancestors *.calypso.net.au *.flightcentre.co.za; report-uri /api/csp_report; img-src https: blob: data:; font-src https: blob: data:; 1
default-src 'self'; style-src 'inline'; report-uri https://1e031bc28af67e84e052beae680ccd74.report-uri.io/r/default/csp/reportOnly 1
default-src 'self' https://www.deca.com.br; script-src 'strict-dynamic' 'unsafe-inline' https: 'nonce-EM6JNLPjfblIu6NMMOu6wZx79BzvmUM1qT89JBBRpyQrEDbMgPx8flRseNXCVecB2SM70cfK1kVnOBmewd5900y9Nu6AJCa5s2neBD9VuDTRc50az4kZ9Go7WwrvFRY9' 1
default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https: *.go-mpulse.net apis.google.com assets.adobedtm.com *.cloudfront.net nxtck.com ssl.gstatic.com ws.sessioncam.com *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com googleads.g.doubleclick.net connect.facebook.net www.googleadservices.com adtm.spreadshirts.net *.spreadshirt.no ; img-src 'self' data: https: image.spreadshirtmedia.net image.spreadshirtmedia.net *.gstatic.com rtb-csync.smartadserver.com pixel.rubiconproject.com pixel.advertising.com dsum-sec.casalemedia.com cotads.adscale.de www.google-analytics.com eu-u.openx.net ih.adscale.de *.akstat.io www.facebook.com dsum-sec.casalemedia.com ad.yieldlab.net secure.adnxs.com mapping.nxtck.com stats.g.doubleclick.net www.google.com www.google.de cm.g.doubleclick.net ads.yahoo.com sync.ligadx.com eb2.3lift.com s.sspqns.com x.bidswitch.net image2.pubmatic.com sync.outbrain.com nxtck.com sanalytics.spreadshirt.no *.spreadshirt.no ; connect-src 'self' https: *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com *.go-mpulse.net *.akstat.io/ *.spreadshirt.no ; font-src 'self' https: *.spreadshirt.no ; style-src 'self' data: 'unsafe-inline' https: *.spreadshirt.no ; object-src 'none' ; frame-src 'self' https: www.google.com accounts.google.com *.spreadshirt.no ; report-uri https://sprd.report-uri.com/r/t/csp/reportOnly ; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-PXlriXDNpQUr1dXUHfPyv0hXJI'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
style-src 'self' 'self' 'unsafe-inline' fonts.googleapis.com/css https://maxcdn.bootstrapcdn.com https://platform.twitter.com/css/; script-src 'self' 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.aspnetcdn.com/ajax/jQuery/jquery-2.2.4.min.js https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js https://code.jquery.com/ui/1.12.1/jquery-ui.js www.google-analytics.com/plugins/ua/ecommerce.js platform.twitter.com/widgets.js https://www.dwin1.com/2913.js https://www.googletagmanager.com/gtm.js connect.facebook.net/en_GB/sdk.js https://platform.twitter.com/js/ stats.g.doubleclick.net/dc.js www.google-analytics.com/analytics.js https://www.google-analytics.com/gtm/js pagead2.googlesyndication.com/pagead/js/ https://analytics.twitter.com/i/adsct https://d16fk4ms6rqz1v.cloudfront.net/capture/guidedogs.js collector-328.tvsquared.com https://track.adform.net/serving/scripts/trackpoint/async/ track.adform.net/Serving/TrackPoint/ c1.rfihub.net/js/tc.min.js a.rfihub.com pixel.quantserve.com/aquant.js https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/config/ static.ads-twitter.com/uwt.js https://prf.audiencemanager.de/log/profile/user-match https://cdn.syndication.twimg.com/timeline/profile https://secure.quantserve.com/aquant.js https://ad.doubleclick.net/ddm/ https://maps.googleapis.com static.hotjar.com/c/ https://script.hotjar.com https://www.googletagservices.com; frame-src 'self' 'self' https://accreditation.datacash.com https://www.youtube.com https://platform.twitter.com https://vars.hotjar.com https://www.audiencemanager.de staticxx.facebook.com 20723307p.rfihub.com 20733164p.rfihub.com 20723314p.rfihub.com https://s.salecycle.com https://www.facebook.com https://connect.facebook.net https://syndication.twitter.com a.rfihub.com 5496518.fls.doubleclick.net https://hps.datacash.com; img-src 'self' 'self' data: https://www.paypalobjects.com/webstatic/ https://scontent.cdninstagram.com/vp/ https://aax-eu.amazon-adsystem.com https://secure.adnxs.com https://syndication.twitter.com/i/jot/syndication https://syndication.twitter.com/i/jot https://platform.twitter.com/css/ https://www.facebook.com/impression.php/ https://www.facebook.com/tr/ https://www.google-analytics.com https://www.google.com/ads/ https://www.google.co.uk/ads/ https://stats.g.doubleclick.net collector-328.tvsquared.com https://googleads4.g.doubleclick.net pixel.quantserve.com t.co/i/adsct https://abs.twimg.com https://pbs.twimg.com https://www.googletagmanager.com https://ib.adnxs.com https://pixel.quantcount.com https://maps.gstatic.com/mapfiles/ https://maps.googleapis.com/maps/ https://cdn.rawgit.com/mahnunchik/ https://raw.githubusercontent.com/mahnunchik; report-uri /csp-report/ 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-ZRDP1H9Yjv9QAUV3x2KUowgHA'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-1iBS8IidaSIbLFG3rF6xf8Wcg'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-am0hL3163rj1PfxGYNgukFiqEk'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-IZ942iJtnYoIJ0burrJVSnEvsE'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:;style-src https: 'unsafe-inline';connect-src https:;frame-src https:;script-src 'unsafe-eval' 'unsafe-inline' https: blob: data:;font-src https: data:;img-src https: data:;media-src https: blob:; report-uri https://collector.schibsted.io/api/v1/csp/krsby/publishing/pro 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-BOOidmbeosgrLhHJo3JidxA9vY8'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com assets.ubembed.com *.js.ubembed.com connect.facebook.net cdn.polyfill.io code.jquery.com s7.addthis.com m.addthisedge.com m.addthis.com use.typekit.net www.google-analytics.com ssl.google-analytics.com cable.disqus.com script.crazyegg.com platform.twitter.com cdn.syndication.twimg.com speedtest.cable.co.uk cdnjs.cloudflare.com maxcdn.bootstrapcdn.com widget.trustpilot.com s3.amazonaws.com cable.us4.list-manage.com admin.cable.co.uk services.xg4ken.com pcuktelecom.tdsapi.com pci.tdscd.com pcf.tdscd.com beacon-v2.helpscout.net localhost:3000; connect-src 'self' *.events.ubembed.com performance.typekit.net pcuktelecom.tdsapi.com pcf.tdscd.com m.addthis.com cable.us4.list-manage.com admin.cable.co.uk localhost:3000; img-src 'self' data: *.cable.co.uk p.typekit.net www.google.com www.googletagmanager.com www.google.co.uk www.google-analytics.com syndication.twitter.com s1.2mdn.net ad.doubleclick.net stats.g.doubleclick.net gtrk.s3.amazonaws.com platform.twitter.com pbs.twimg.com m.addthis.com code.jquery.com 19.xg4ken.com s3-eu-west-1.amazonaws.com pcf.tdscd.com; style-src 'self' 'unsafe-inline' platform.twitter.com code.jquery.com maxcdn.bootstrapcdn.com cdnjs.cloudflare.com admin.cable.co.uk localhost:3000; font-src 'self' fonts.typekit.net use.typekit.net maxcdn.bootstrapcdn.com pcf.tdscd.com admin.cable.co.uk data: localhost:3000; object-src 'self' api.ookla.com fpdownload.adobe.com; frame-src 'self' *.pages.ubembed.com platform.twitter.com syndication.twitter.com s7.addthis.com widget.trustpilot.com googleads.g.doubleclick.net data:; child-src 'self' blob:; report-uri https://bilgo.report-uri.io/r/default/csp/reportOnly 1
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://onlinechat2.nic.cz https://test-ipv6.nic.cz https://*.test-ipv6.nic.cz https://piwik.nic.cz/piwik.js https://platform.twitter.com https://cdn.syndication.twimg.com https://s.ytimg.com https://*.googleapis.com https://*.google.com https://connect.facebook.net https://*.mapy.cz; object-src 'self'; style-src 'self' 'unsafe-inline' https://www.rhybar.cz https://platform.twitter.com https://*.nic.cz https://fonts.googleapis.com https://api.mapy.cz; img-src * data:; media-src *; frame-src *; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.test-ipv6.nic.cz https://*.labs.nic.cz https://rdap.nic.cz https://www.rhybar.cz https://akademie.nic.cz https://piwik.nic.cz/piwik.php https://www.nic.cz/files/CORS/projects-bar/ https://mojeid.cz https://syndication.twitter.com; report-uri https://csp.nic.cz/report/ 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Kgne8YTntiNvLPGVF9B71AlGs'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src https://www.skincarerx.com https://m.skincarerx.com 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/ https://dnn506yrbagrg.cloudfront.net; report-uri https://www.skincarerx.com/cspReport.txt; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-XxK1aPNqmTApdEc3pWWGtGvl24g'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-5Ow4FhKUG4GTLNPSxcaf3yuBOg'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-U3ik2kI5CKKZU4JKECOEAuIEXEY'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self' data: *.google-analytics.com *.gstatic.com *.googleapis.com *.abtasty.com *.prosodie.com *.thechatbotfactory.com *.unpkg.com *.botframework.com *.inbenta.com *.quicksign.fr *.docusign.net *.crossquantum.com *.lafinbox.pro *.swisslife.fr *.youtube.com *.youtube.fr; style-src 'self' 'unsafe-inline' *.google-analytics.com *.gstatic.com *.googleapis.com *.abtasty.com *.prosodie.com *.thechatbotfactory.com *.unpkg.com *.botframework.com *.inbenta.com *.quicksign.fr *.docusign.net *.crossquantum.com *.lafinbox.pro *.swisslife.fr *.youtube.com *.youtube.fr; font-src 'self' data: *.google-analytics.com *.gstatic.com *.googleapis.com *.abtasty.com *.prosodie.com *.thechatbotfactory.com *.unpkg.com *.botframework.com *.inbenta.com *.quicksign.fr *.docusign.net *.crossquantum.com *.lafinbox.pro *.swisslife.fr *.youtube.com *.youtube.fr; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.gstatic.com *.googleapis.com *.abtasty.com *.prosodie.com *.thechatbotfactory.com *.unpkg.com *.botframework.com *.inbenta.com *.quicksign.fr *.docusign.net *.crossquantum.com *.lafinbox.pro *.swisslife.fr *.youtube.com *.youtube.fr; img-src 'self' data: *.google-analytics.com *.gstatic.com *.googleapis.com *.abtasty.com *.prosodie.com *.thechatbotfactory.com *.unpkg.com *.botframework.com *.inbenta.com *.quicksign.fr *.docusign.net *.crossquantum.com *.lafinbox.pro *.swisslife.fr *.youtube.com *.youtube.fr; frame-src 'self' *.google-analytics.com *.gstatic.com *.googleapis.com *.abtasty.com *.prosodie.com *.thechatbotfactory.com *.unpkg.com *.botframework.com *.inbenta.com *.quicksign.fr *.docusign.net *.crossquantum.com *.lafinbox.pro *.swisslife.fr *.youtube.com *.youtube.fr; worker-src 'self' blob: *.google-analytics.com *.gstatic.com *.googleapis.com *.abtasty.com *.prosodie.com *.thechatbotfactory.com *.unpkg.com *.botframework.com *.inbenta.com *.quicksign.fr *.docusign.net *.crossquantum.com *.lafinbox.pro *.swisslife.fr *.youtube.com *.youtube.fr; connect-src 'self' wss://*.prosodie.com *.google-analytics.com *.gstatic.com *.googleapis.com *.abtasty.com *.prosodie.com *.thechatbotfactory.com *.unpkg.com *.botframework.com *.inbenta.com *.quicksign.fr *.docusign.net *.crossquantum.com *.lafinbox.pro *.swisslife.fr *.youtube.com *.youtube.fr; media-src *.google-analytics.com *.gstatic.com *.googleapis.com *.abtasty.com *.prosodie.com *.thechatbotfactory.com *.unpkg.com *.botframework.com *.inbenta.com *.quicksign.fr *.docusign.net *.crossquantum.com *.lafinbox.pro *.swisslife.fr *.youtube.com *.youtube.fr; object-src 'self'; report-uri /api/v3/log-csp-violation; report-to /api/v3/log-csp-violation 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-zjs5EWg5HSxi03NgugcZuR1abq4'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-nSBbLNePEf2lMYDOSlmgxeyrA'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
child-src 'self'; font-src https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://fonts.gstatic.com https://widgets.trustedshops.com https://use.fontawesome.com data:; frame-src 'self' https://www.youtube-nocookie.com https://payments-amazon.de https://payments.amazon.de https://payments.amazon.fr https://payments.amazon.it https://payments.amazon.es https://*.payments-amazon.com https://*.amazon.com https://www.google.com https://disqus.com https://www.facebook.com https://www.ekomi.de https://w.soundcloud.com; img-src 'self' https://* * data:; script-src 'self' https://*.google-analytics.com https://www.google-analytics.com https://code.jquery.com https://oss.maxcdn.com https://cdnjs.cloudflare.com https://bat.bing.com https://*.intelliad.de https://cdn.jsdelivr.net https://*.payments-amazon.com https://*.amazon.com https://payments.amazon.de https://payments.amazon.fr https://payments.amazon.it https://payments.amazon.es https://ajax.googleapis.com https://www.google.com https://www.gstatic.com https://*.disquscdn.com https://*.disqus.com https://disqus.com https://widgets.trustedshops.com https://*.aftership.com https://media2.supermagnete.fr https://www.supermagnete.fr 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://widgets.trustedshops.com https://use.fontawesome.com https://*.disquscdn.com https://www.google.com/uds/ https://media2.supermagnete.fr https://www.supermagnete.fr 'unsafe-inline' data:; report-uri https://supermagnete.report-uri.com/r/d/csp/reportonly; report-to https://supermagnete.report-uri.com/r/d/csp/reportonly; 1
script-src *.googletagmanager.com *.google-analytics.com 'self' 'unsafe-inline' 'unsafe-eval' connect.facebook.net c.imedia.cz *.hotjar.com tagmanager.google.com www.google.com www.gstatic.com 'nonce-2726c7f26c'; style-src 'self' 'unsafe-inline' tagmanager.google.com cdnjs.cloudflare.com fonts.googleapis.com; report-uri 'self' 1
script-src https://www.myprotein.gr https://m.myprotein.gr 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.myprotein.gr/cspReport.txt; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-naIIf4YcGvMJuxo2cv8tuldNyA'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-otmZoQ1TYOj1AX5oIxrlvdLMmY4'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-5JqVmwDmY6EPqXxQnbabkSrjlwM'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src https://www.idealfit.com https://m.idealfit.com 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/ https://dnn506yrbagrg.cloudfront.net https://www.shopperapproved.com; report-uri https://www.idealfit.com/cspReport.txt; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-qdkQ07Q76gtjpoSCWlV7p3bafqo'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' 'unsafe-eval' 'unsafe-inline' *.flagman.kiev.ua www.googletagmanager.com www.google-analytics.com yandex.st mc.yandex.ru clck.yandex.ru api-maps.yandex.ru geocode-maps.yandex.ru *.multichannel.demo.owox.com; default-src 'self' fonts.gstatic.com *.flagman.kiev.ua; frame-src *.flagman.kiev.ua vkontakte.ru yastatic.net www.facebook.com vk.com; img-src *.flagman.kiev.ua data: yastatic.net www.google-analytics.com stats.g.doubleclick.net api-maps.yandex.ru *.maps.yandex.net google-analytics.bi.owox.com 130.211.91.193 nullpoint.owox.com *.multichannel.demo.owox.com; style-src 'unsafe-inline' 'self' fonts.googleapis.com *.flagman.kiev.ua; report-uri https://csp.flagman.kiev.ua; connect-src 'self' mc.yandex.ru www.youtube.com *.googlevideo.com www.google-analytics.com google-analytics.bi.owox.com 130.211.91.193; object-src 'self' www.youtube.com fonts.gstatic.com *.flagman.kiev.ua; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-JxAnaf3xjQ0FAL0R5Fq8Pj8AOSg'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-7zFGJb7VFAPi7xSQb42uig9yuE'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https: *.go-mpulse.net apis.google.com assets.adobedtm.com *.cloudfront.net nxtck.com ssl.gstatic.com ws.sessioncam.com *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com googleads.g.doubleclick.net connect.facebook.net www.googleadservices.com adtm.spreadshirts.net *.spreadshirt.pl ; img-src 'self' data: https: image.spreadshirtmedia.net image.spreadshirtmedia.net *.gstatic.com rtb-csync.smartadserver.com pixel.rubiconproject.com pixel.advertising.com dsum-sec.casalemedia.com cotads.adscale.de www.google-analytics.com eu-u.openx.net ih.adscale.de *.akstat.io www.facebook.com dsum-sec.casalemedia.com ad.yieldlab.net secure.adnxs.com mapping.nxtck.com stats.g.doubleclick.net www.google.com www.google.de cm.g.doubleclick.net ads.yahoo.com sync.ligadx.com eb2.3lift.com s.sspqns.com x.bidswitch.net image2.pubmatic.com sync.outbrain.com nxtck.com sanalytics.spreadshirt.pl *.spreadshirt.pl ; connect-src 'self' https: *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com *.go-mpulse.net *.akstat.io/ *.spreadshirt.pl ; font-src 'self' https: *.spreadshirt.pl ; style-src 'self' data: 'unsafe-inline' https: *.spreadshirt.pl ; object-src 'none' ; frame-src 'self' https: www.google.com accounts.google.com *.spreadshirt.pl ; report-uri https://sprd.report-uri.com/r/t/csp/reportOnly ; 1
img-src https: data: 'unsafe-inline' 'unsafe-eval'; default-src https: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.nextgov.com/api/report-csp-error/ 1
script-src https://www.lookfantastic.se https://m.lookfantastic.se 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.lookfantastic.se/cspReport.txt; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Re85fWEusANEU2qwGZ8IVo6Mc8'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src https://www.myprotein.tw https://m.myprotein.tw 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.myprotein.tw/cspReport.txt; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-dXA8m1fg3VVZzrT6BYuNRWDarTo'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-fzX7xZPV1m16x2j2ACg13bm7GZo'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-mVSS1ZJJGC5I3cYVcXWFmgOCbY'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-6PBcQyObjtaMrizWCBv0gdVw3i4'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri / 1
child-src 'self'; font-src https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://fonts.gstatic.com https://widgets.trustedshops.com https://use.fontawesome.com data:; frame-src 'self' https://www.youtube-nocookie.com https://payments-amazon.de https://payments.amazon.de https://payments.amazon.fr https://payments.amazon.it https://payments.amazon.es https://*.payments-amazon.com https://*.amazon.com https://www.google.com https://disqus.com https://www.facebook.com https://www.ekomi.de https://w.soundcloud.com; img-src 'self' https://* * data:; script-src 'self' https://*.google-analytics.com https://www.google-analytics.com https://code.jquery.com https://oss.maxcdn.com https://cdnjs.cloudflare.com https://bat.bing.com https://*.intelliad.de https://cdn.jsdelivr.net https://*.payments-amazon.com https://*.amazon.com https://payments.amazon.de https://payments.amazon.fr https://payments.amazon.it https://payments.amazon.es https://ajax.googleapis.com https://www.google.com https://www.gstatic.com https://*.disquscdn.com https://*.disqus.com https://disqus.com https://widgets.trustedshops.com https://*.aftership.com https://media2.supermagnete.de https://www.supermagnete.de 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://widgets.trustedshops.com https://use.fontawesome.com https://*.disquscdn.com https://www.google.com/uds/ https://media2.supermagnete.de https://www.supermagnete.de 'unsafe-inline' data:; report-uri https://supermagnete.report-uri.com/r/d/csp/reportonly; report-to https://supermagnete.report-uri.com/r/d/csp/reportonly; 1
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri https://blogun.report-uri.io/r/default/csp/reportOnly 1
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://www.youtube.com http://us1.siteimprove.com/ https://fonts.googleapis.com https://fonts.gstatic.com https://www.google-analytics.com https://www.googletagmanager.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com https://fonts.gstatic.com https://www.google-analytics.com https://www.googletagmanager.com https://www.youtube.com http://us1.siteimprove.com/ https://s.ytimg.com; object-src 'self'; img-src 'self' http://reedsmith.vuture.net https://www.google-analytics.com https://www.googletagmanager.com http://us1.siteimprove.com/; font-src 'self' https://fonts.gstatic.com; connect-src 'self';frame-ancestors 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://www.google-analytics.com https://www.googletagmanager.com; report-uri https://d347b8264a61d229bec175972d08ae24.report-uri.io/r/default/csp/enforce 1
script-src https://www.lookfantastic.ru https://m.lookfantastic.ru 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.lookfantastic.ru/cspReport.txt; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-vcSpOxn46yqGgNsbKTEm2SFBk'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self' www.charnwood.gov.uk my.charnwood.gov.uk www.youtube-nocookie.com; script-src 'self' www.charnwood.gov.uk my.charnwood.gov.uk cdn.ravenjs.com ssl.google-analytics.com www.google-analytics.com static.addtoany.com dfsrovckda8bt.cloudfront.net hitcounter.servmetric.com www.google.com maps.google.com maps.google.co.uk translate.google.com maps-api-ssl.google.com *.googleapis.com www.googletagmanager.com platform.twitter.com babm.texthelp.com plus.browsealoud.com *.tawk.to cdn.jsdelivr.net cdn.syndication.twimg.com https://e.issuu.com https://www.gstatic.com/recaptcha/ websurveys2.servmetric.com websurveys2.govmetric.com hitcounter.govmetric.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' www.charnwood.gov.uk fonts.googleapis.com dfsrovckda8bt.cloudfront.net maps.google.com maps.google.co.uk *.googleapis.com plus.browsealoud.com cdn.jsdelivr.net platform.twitter.com ton.twimg.com websurveys2.govmetric.com websurveys2.servmetric.com 'unsafe-inline'; img-src 'self' data: www.charnwood.gov.uk secure.cuttlefish.com static.cuttlefish.com ssl.google-analytics.com www.google-analytics.com dfsrovckda8bt.cloudfront.net www.google.com maps.google.com maps.google.co.uk *.gstatic.com *.googleapis.com maps-api-ssl.google.com babm.texthelp.com plus.browsealoud.com syndication.twitter.com platform.twitter.com stats.g.doubleclick.net cdn.syndication.twimg.com ton.twimg.com pbs.twimg.com abs.twimg.com https://*.ggpht.com static-v.tawk.to websurveys2.govmetric.com websurveys2.servmetric.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com static-v.tawk.to; connect-src 'self' www.charnwood.gov.uk ssl.google-analytics.com www.google-analytics.com translate.googleapis.com babm.texthelp.com plus.browsealoud.com baspeech.speechstream.net sentry.cuttlefish.com https://stats.g.doubleclick.net *.tawk.to wss://*.tawk.to; frame-src 'self' www.charnwood.gov.uk my.charnwood.gov.uk static.addtoany.com platform.twitter.com syndication.twitter.com www.facebook.com www.facebook.com websurveys.servmetric.com www.youtube-nocookie.com https://e.issuu.com https://www.google.com/recaptcha/ va.tawk.to websurveys2.govmetric.com; media-src 'self' www.charnwood.gov.uk my.charnwood.gov.uk baspeech.speechstream.net; frame-ancestors 'self' www.charnwood.gov.uk my.charnwood.gov.uk; child-src 'self' va.tawk.to; form-action 'self' www.charnwood.gov.uk my.charnwood.gov.uk pa.charnwood.gov.uk va.tawk.to; report-uri https://us-central1-domains-174713.cloudfunctions.net/csp?report_only; 1
default-src 'self' https:; child-src 'self' https: data:; connect-src 'self' https: wss:; font-src 'self' https: data:; img-src 'self' https: data:; media-src 'self' https: data:; object-src 'self' https:; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp-report?source%5Baction%5D=index&source%5Bapp%5D=Brochure&source%5Bcontroller%5D=home&source%5Bdomain%5D=www.shopify.es&source%5Bsection%5D=brochure&source%5Buuid%5D=14bb618c94baddef38acc7e3ec2262cd 1
report-uri /csp-violations.php 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-COetTrDDdTv9dN5lUWJi9qhUI'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-1kxpJRy8Asq905yZB34agBzsw'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-2T4DPNXqyLg8eFQMFJwDGF5CA'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-UdoVOIqXQwd8Du186At1q8WlAU'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src https://www.myprotein.co.kr https://m.myprotein.co.kr 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.myprotein.co.kr/cspReport.txt; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-3ofCUSIXnjVZBRoqxC9QnJQhFnc'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-BccnVHXuuwAXvQR6NSccW6k0ROk'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-orLTbcUeIq1liabzishtoPi9wcA'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-X0GfCXJksFDKoIhs1NZ5vnAU8c'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-oqHCuTebpTksFCPzv24K9TXYESQ'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-yZjpcdRjLduMTNOl7kRoVxjhbF8'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' data: 'unsafe-inline' e.bongo4u.com; script-src 'self' data: 'unsafe-inline' e.bongo4u.com blob: 'unsafe-eval' *.google.com *.gstatic.com www.google-analytics.com ajax.googleapis.com *.googleusercontent.com *.googleadservices.com *.facebook.net *.twitter.com *.twimg.com *.youtube.com *.ytimg.com *.yahooapis.com *.mailchimp.com *.list-manage.com *.amazonaws.com/downloads.mailchimp.com/ cdnjs.cloudflare.com *.jquery.com; connect-src 'self' data: 'unsafe-inline' e.bongo4u.com comments.emerge2.com util.emerge2.com www.google-analytics.com *.doubleclick.net; frame-src 'self' data: 'unsafe-inline' e.bongo4u.com *.google.com *.google.ca *.youtube.com *.youtu.be *.facebook.com *.twitter.com *.twimg.com *.instagram.com *.yahoo.com *.catalog-display.com *.shortstack.com *.pgtb.me *.formstack.com *.list-manage.com *.doubleclick.net *.orgill.com *.orgill.ca *.ecomadviewer.com *.castlecommunications.ca *.chameleonpower.com *.timbertech.com; object-src 'self' data: 'unsafe-inline' e.bongo4u.com  blob: *.apple.com *.macromedia.com; img-src https: data: blob:; media-src https:; style-src 'self' data: 'unsafe-inline' e.bongo4u.com *.google.com fonts.googleapis.com *.googleusercontent.com *.bootstrapcdn.com *.twitter.com *.twimg.com *.mailchimp.com; font-src 'self' data: 'unsafe-inline' e.bongo4u.com fonts.googleapis.com fonts.gstatic.com *.bootstrapcdn.com *.joinhoney.com/fonts/; report-uri https://util.emerge2.com/report_uri_api.php; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-jDAu1QlhtdaavgZJPcnFaIQsaWo'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-T7HFZqb1ZPkgZRj3TOMkx3lb3AU'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-qOsoYVD1bJhDuUz3Vm4Jgioe9lM'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-ZYIey5NretEKav15eamvSo4Z3g'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.adform.net *.au.dk *.aucdn.dk *.cloudflare.com *.cloudfront.net *.crazyegg.com *.createsend1.com *.facebook.com *.facebook.net *.findvej.dk *.gefionau.dk *.google-analytics.com *.google.com *.google.dk *.googleapis.com *.googletagmanager.com *.gstatic.com *.instagram.com *.inviewmap.com *.livescribe.com *.mathjax.org *.pingdom.net *.siteimprove.com *.slideshare.net *.stakbogladen.dk *.statsbiblioteket.dk *.storify.com *.twimg.com *.twitter.com *.vimeo.com *.yahooapis.com *.youtu.be *.youtube.com 130.225.20.241 130.226.173.136 77.66.112.46 shoutbox.widget.me siteimproveanalytics.com *.cludo.com www2.dmu.dk unpkg.com; img-src 'self' data: *; report-uri /csp-rapport/csp-rapport.php?i=i47v2 1
script-src *.googleapis.com *.facebook.net *.typekit.net *.pingdom.net *.pinterest.com *.google.com *.google-analytics.com *.googleadservices.com googleads.g.doubleclick.net *.gstatic.com seal-easttexas.bbb.org *.brightcove.com *.brightcove.net *.eccmp.com *.annies-publishing.com *.zencdn.net *.bing.com code.jquery.com *.shareasale.com *.emjcd.com *.criteo.net *.criteo.com 'self' 'unsafe-inline' 'unsafe-eval'; worker-src blob://* data://*; connect-src *.googleapis.com *.facebook.net *.typekit.net *.pingdom.net *.pinterest.com *.google.com *.google-analytics.com *.googleadservices.com googleads.g.doubleclick.net *.gstatic.com seal-easttexas.bbb.org *.brightcove.com *.brightcove.net *.eccmp.com *.annies-publishing.com *.zencdn.net *.bing.com code.jquery.com *.shareasale.com *.emjcd.com *.criteo.net *.criteo.com; report-uri /ajax/content_policy_violation.php 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://qfwaovarxga4kn6vet720m0j.httpschecker.net/report 1
default-src 'unsafe-inline' 'unsafe-eval' https: blob:; report-uri https://alfa.reality.cz/info/csp/ 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-hX9ttnwlViY2cAd4QbbZvJE7ZX8'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self'; connect-src 'none'; font-src 'self' data: fonts.googleapis.com netdna.bootstrapcdn.com themes.googleusercontent.com fonts.gstatic.com; frame-src 'none'; img-src 'self' www.google-analytics.com p.typekit.net brokerage.tradier.com trk.kissmetrics.com data:; media-src s3.amazonaws.com; object-src 'none'; script-src 'self' www.google-analytics.com *.newrelic.com use.typekit.net i.kissmetrics.com doug1izaerwt3.cloudfront.net; style-src 'self' netdna.bootstrapcdn.com fonts.googleapis.com use.typekit.net; report-uri /csp/report; 1
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report; 1
default-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; object-src 'none'; style-src 'unsafe-inline' https:; img-src data: about: https:; font-src data: https:; form-action 'self' https:; block-all-mixed-content; report-uri https://travelonbags.report-uri.com/r/d/csp/reportOnly; 1
default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:; worker-src https: data: blob:; font-src https: data:; report-uri https://psi.pixum.com/?ns=content-security-policy&service=base&module=status&action=log&sessionId=62f9629860ee96011cd4250f7685da6f59cd4fef 1
script-src 'self' https://apis.google.com https://pagead2.googlesyndication.com https://platform.twitter.com; frame-src https://plusone.google.com https://facebook.com https://platform.twitter.com http://rcm.amazon.com; object-src 'self' 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-wOrOn3vFVT4T3BUR5pxU9LsPI'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:; worker-src https: data: blob:; font-src https: data:; report-uri https://psi.pixum.com/?ns=content-security-policy&service=base&module=status&action=log&sessionId=39873569c780cb054df3eec77dc876f4a6efcb94 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-ZCb7CR5rIiudCNiLiIUjp6D3hKY'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-dx4a5ZU0qncT3jHlsbMr1AvxkIM'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-z7VRWUcHz8TE5XsbL0MaiEZ7Pc4'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src data: https: 'unsafe-inline' 'unsafe-eval'; report-uri https://wruj5payunl4w1dbujbzwmwb.httpschecker.net/report; report-to https://wruj5payunl4w1dbujbzwmwb.httpschecker.net/report 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-8DtgkqjMjZDGpB0KmonBhaoUVQw'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-JEeoLRuM9YOVijfgjcD8AHvAc'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-C2CqcOfOcg4VNlGzp2tnHj0jsI'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src https://www.lookfantastic.com.sg https://m.lookfantastic.com.sg 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.lookfantastic.com.sg/cspReport.txt; 1
default-src 'self'; script-src 'self' *.yandex.ru 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-3xCyma5e6YE5GOIJxoFkQtcMAfU'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-TLnAh5TYA089dVxKsvtZphdzPw'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self';script-src 'self' 'nonce-kwnWFg2xlsRmBoJG4/uU' *.jquery.com *.google.com *.youtube.com *.google-analytics.com *.gstatic.com *.googleapis.com *.googleadservices.com *.aspnetcdn.com ajax.aspnetcdn.com *.googletagmanager.com *.cloudflare.com unpkg.com *.sharethis.com *.ytimg.com;style-src 'self' 'unsafe-inline' *.jquery.com *.google.com *.gstatic.com *.googleapis.com *.aspnetcdn.com stats.g.doubleclick.net;img-src 'self' stats.g.doubleclick.net *.google-analytics.com *.gstatic.com *.googleapis.com *.googleadservices.com *.google.com *.google.co.uk googleads.g.doubleclick.net via.placeholder.com *.sharethis.com data: waspshubmedia.blob.core.windows.net;frame-src 'self' googleads.g.doubleclick.net *.google.com *.google.co.uk *.vimeo.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com;font-src 'self' *.gstatic.com data:;connect-src 'self' query.yahooapis.com *.sharethis.mgr.consensu.org *.pingdom.net *.sharethis.com 1
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.bootstrapcdn.com https://*.google-analytics.com https://*.googleapis.com https://*.pingdom.net http://*.pusher.com https://*.pusher.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://js-agent.newrelic.com https://bam.nr-data.net https://unpkg.com https://*.postmarkapp.com; object-src 'self'; form-action 'self'; base-uri https://rent4sure.co.uk https://dev.rent4sure.co.uk http://dev.rent4sure; report-uri /log/csp_violation 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-TR55gZlYusLqZu92pMMvZnG5o7U'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' https://*.arvato-systems-media.net https://*.nionex.net http://analytics.nionex.net https://www.google-analytics.com https://socialcloud.bertelsmann.com https://dl.edge-cdn.net https://edgecdnhd2-vh.akamaihd.net; script-src 'self' https://www.bertelsmann.com https://www.bertelsmann.de https://*.arvato-systems-media.net https://analytics.nionex.net http://analytics.nionex.net https://www.google-analytics.com https://www.googletagmanager.com https://maps.google.com https://translate.googleapis.com https://translate.google.com https://maps.googleapis.com https://*.edge-cdn.net https://*.analytics.edgekey.net https://charts3.equitystory.com https://*.akamaihd.net https://www.youtube.com https://s.ytimg.com 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' https://maps.google.com https://www.google.com https://*.ytimg.com https://maps.gstatic.com https://www.gstatic.com https://chart.apis.google.com https://maps.googleapis.com https://www.google-analytics.com https://*.becruiter.net https://bertelsmann-hr.de https://www.googletagmanager.com https://dl.edge-cdn.net https://translate.google.com https://translate.googleapis.com data:; media-src 'self' https://edgecdnhd2-vh.akamaihd.net http://hd2vodbertel-vh.akamaihd.net https://*.cdn.edge-cdn.net https://*.edge-cdn.net http://*.edge-cdn.net https://*.video-cdn.net; style-src 'self' https://www.bertelsmann.com https://www.bertelsmann.de https://*.arvato-systems-media.net https://*.nionex.net https://translate.googleapis.com https://fonts.googleapis.com https://dl.edge-cdn.net 'unsafe-inline' data:; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data:; frame-src 'self' https://charts3.equitystory.com https://socialcloud.bertelsmann.com https://www.youtube.com https://*.rtl.de; connect-src 'self' wss://*.bertelsmann.de https://www.google-analytics.com https://ca.video-cdn.net https://dl.edge-cdn.net https://*.analytics.edgekey.net https://translate.googleapis.com https://edgecdnhd2-vh.akamaihd.net; report-uri http://deniol2415.nionex.net/report-uri.php 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=6356bbfa-20a9-4fa0-a59c-29a1aa8858f6&version=5c2df8046534720ddcd5a15018c359f705fa6651 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-aPTgLAHbjX5swL9ddVg5rkg28mY'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-gzzP3JBwFKSd7LU857FypWwmKM'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' https://assets.cisofy.com; connect-src https://assets.cisofy.com https://api.stripe.com https://checkout.stripe.com; frame-src https://assets.cisofy.com https://checkout.stripe.com https://js.stripe.com; font-src data: https://assets.cisofy.com; img-src data: https://cisofy.com https://assets.cisofy.com https://*.stripe.com; script-src 'unsafe-inline' https://cisofy.com https://assets.cisofy.com https://checkout.stripe.com https://js.stripe.com; style-src 'unsafe-inline' https://cisofy.com https://assets.cisofy.com https://checkout.stripe.com https://code.jquery.com; object-src 'none'; report-uri https://cisofy.report-uri.com/r/d/csp/reportOnly 1
default-src https: blob: wss://*.zopim.com 'unsafe-inline' 'unsafe-eval' wss://*.fcm.travel:*; frame-ancestors *.calypso.net.au *.fcm.travel; report-uri /api/csp_report; img-src https: blob: data:; font-src https: blob: data:; 1
script-src https://www.myprotein.ro https://m.myprotein.ro 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.myprotein.ro/cspReport.txt; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-MamEUOxJopDg1WNX2IWCDjv38'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; report-uri https://19bba7008ff399c64da2bc7f455a3431.report-uri.com/r/d/csp/reportOnly 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-qndaKANapWExOzXrmOWWoEl9ZA'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' https://cdn.performanceplustire.com https://www.performanceplustire.com; connect-src *.performanceplustire.com https://*.affirm.com https://d38nbbai6u794i.cloudfront.net https://js.callrail.com https://stats.g.doubleclick.net https://tracker.affirm.com https://www.google-analytics.com; font-src *.performanceplustire.com data: https://assets.resultspage.com https://cdn1.affirm.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com https://sxt.cdn.skype.com; frame-src *.performanceplustire.com https://bid.g.doubleclick.net https://connect.facebook.net https://e1.fanplayr.com https://maps.google.com https://s.thebrighttag.com https://www.facebook.com https://www.googleadservices.com http://www.youtube.com https://www.youtube.com; child-src *.performanceplustire.com https://bid.g.doubleclick.net https://connect.facebook.net https://e1.fanplayr.com https://maps.google.com https://s.thebrighttag.com https://www.facebook.com https://www.googleadservices.com http://www.youtube.com https://www.youtube.com; img-src *.performanceplustire.com cdn.performanceplustire.com data: https://*.cloudfront.net https://aa.agkn.com https://adadvisor.net https://ads.betweendigital.com https://ads.yahoo.com https://assets.resultspage.com https://b.sli-spark.com https://bat.bing.com https://beacon.krxd.net http://cf.kampyle.com https://cm.g.doubleclick.net https://cw.addthis.com https://d.agkn.com https://d38nbbai6u794i.cloudfront.net https://dmp.truoptik.com https://dpm.demdex.net https://dsum-sec.casalemedia.com https://dyn.yelpcdn.com http://farm4.static.flickr.com https://i.ytimg.com https://ib.adnxs.com https://iconfigurators.com https://images.iconfigurators.com https://insight.adsrvr.org https://match.adsrvr.org https://match.sharethrough.com https://nsg.symantec.com https://odr.mookie1.com https://p.adsymptotic.com https://pixel.personagraph.com https://pixel.rubiconproject.com https://pixel.tapad.com https://s.thebrighttag.com https://s.w.org https://s3.amazonaws.com https://secure.gravatar.com https://simage2.pubmatic.com https://sp.adbrn.com https://stats.g.doubleclick.net https://su.addthis.com https://sync.adap.tv https://sync.adaptv.advertising.com https://upload.wikimedia.org https://www.facebook.com https://www.google-analytics.com https://www.google.ca https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.iconfigurators.com https://www.insureship.com https://x.bidswitch.net; script-src 'unsafe-eval' 'unsafe-inline' *.performanceplustire.com https://ajax.googleapis.com https://api-cf.affirm.com https://assets.pinterest.com https://assets.resultspage.com https://b.sli-spark.com https://bat.bing.com https://cdn.callrail.com https://cdn.performanceplustire.com https://cdn1.affirm.com https://connect.facebook.net https://d1q7pknmpq2wkm.cloudfront.net https://d38nbbai6u794i.cloudfront.net https://dyn.yelpcdn.com https://e1.fanplayr.com https://js.callrail.com https://log.pinterest.com https://maps.googleapis.com https://my.fanplayr.com https://nsg.symantec.com https://performanceplustire.resultspage.com https://s.btstatic.com https://s.thebrighttag.com https://savingsslider-a.akamaihd.net https://script.crazyegg.com https://w1.fanplayr.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagmanager.com https://www.iconfigurators.com https://www.insureship.com https://www.yelp.com https://yelp.com; style-src 'unsafe-inline' *.performanceplustire.com https://ajax.googleapis.com https://assets.resultspage.com https://cdn1.affirm.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://performanceplustire.resultspage.com https://www.iconfigurators.com 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-f4du8HMzi3AVHIs3HQMEiQt1dVI'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self' d1h3z56lhcmivt.cloudfront.net; script-src 'self' data: 'unsafe-eval' 'unsafe-inline' d1h3z56lhcmivt.cloudfront.net d2i2wahzwrm1n5.cloudfront.net ajax ajax.aspnetcdn.com www.google-analytics.com *.hotjar.com code.jquery.com *.uservoice.com *.honeycomb.nbspayments.com; style-src 'self' 'unsafe-inline' d1h3z56lhcmivt.cloudfront.net ajax.aspnetcdn.com maxcdn.bootstrapcdn.com; img-src 'self' data: d1ap1qjj9o2qr0.cloudfront.net ajax.aspnetcdn.com www.google-analytics.com d1h3z56lhcmivt.cloudfront.net *.honeycomb.nbspayments.com; connect-src 'self' www.google-analytics.com *.hotjar.com *.honeycomb.nbspayments.com; font-src 'self' data: d1h3z56lhcmivt.cloudfront.net maxcdn.bootstrapcdn.com; frame-ancestors 'self'; child-src 'self' *.hotjar.com; report-uri /public/csp-report 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-K2mOgV6Hry4XY4vB7wD0CqngGko'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-iT16IyjnV5A4mQ6dyQhB8HArs'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-0ePodlxcqA5wwG7SFUaSY2zzvq4'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-EKfKklAdLWYYPaypW8hAn5H2Nk'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-b0EfdiPWrIDj8kikMcaRtllLXMQ'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-E5AZ6OPKlc6CeoAOPkKHheQNPuo'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-nFZLdkHV5eX93ZuEk6A9dC2KRI'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-BrPwzuWvTdJdPG9LcKQgzAOiQ5Q'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-tk5DIW9uSXkS9YZg67dtMPvJ48'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-IBYAegKjE3fwfkgJv6ARDOaiUuI'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-i413axghZPirp7OqQ6eo9gUztQ'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src https://*.luxprivat.lu https://*.clicky.com https://*.getclicky.com 'unsafe-inline'; form-action 'self' www.google.lu; base-uri https://www.luxprivat.lu; img-src https://*.luxprivat.lu http://*.clicky.com https://*.getclicky.com; font-src https://*.luxprivat.lu netdna.bootstrapcdn.com; report-uri https://csp-report.aginion.net 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-y6mIx4uUsL8D8mAGvGqnsWV6e8'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-6y8PfCWBECtn9CzooZnfDUFBBB8'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://nz1bppolt0hzqcmldvs2i05q.httpschecker.net/report 1
default-src 'self' https:; frame-ancestors 'self' https://www.googletagmanager.com https://youtube.com; script-src 'self' https://www.google-analytics.com https://js.stripe.com https://ajax.googleapis.com https://www.googleadservices.com 1
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri  /csp-report 1
default-src  cpg.dev cmsadmin.dev *.cpg.org 'unsafe-inline' 'unsafe-eval'; options eval-script inline-script; script-src  cpg.dev cmsadmin.dev *.cpg.org 'unsafe-inline' 'unsafe-eval' *.google-analytics.com *.google.com *.gstatic.com ajax.googleapis.com ips-invite.iperceptions.com ips-img.iperceptions.com freewebview.com cdn.mxpnl.com edge.omnitwig.com logging.vitruvian.biz my.vocalocity.com pluginext.utop.it savingsslider-a.akamaihd.net solidsaving-a.akamaihd.net secure.shopathome.com services.upromise.com evernote.com superfish.com vitruvianleads.com *.zuznow.com *.siteimprove.com cw.na1.hgncloud.com; img-src cpg.dev cmsadmin.dev *.cpg.org *.google-analytics.com *.google.com *.gstatic.com ajax.googleapis.com ips-invite.iperceptions.com ips-img.iperceptions.com freewebview.com cdn.mxpnl.com edge.omnitwig.com logging.vitruvian.biz my.vocalocity.com pluginext.utop.it savingsslider-a.akamaihd.net solidsaving-a.akamaihd.net secure.shopathome.com services.upromise.com evernote.com superfish.com vitruvianleads.com *.zuznow.com *.siteimprove.com cw.na1.hgncloud.com;  media-src cpg.dev cmsadmin.dev *.cpg.org; frame-src cpg.dev cmsadmin.dev *.cpg.org *.surveygizmo.com blip.tv player.vimeo.com youtube.com *.google.com *.gstatic.com; report-uri / 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-bX2j5Mo3GVagGYs8sX1PcQrPk'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-did58bVolSlN2p4IxPJ5sN0tyM'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-spo6f1i8kiKTkW172Zdkkb8GcU'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-lNKC3pBrOp19VTTi9cjdJZBiVo'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-W8054G7ctbfTOYp32pYvAFVKA'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-vLQd5sd6l41eDuJbL8drkbmlKk'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=d436727a-c233-479f-8c4b-b8a0419cc926&version=abdcaa3df793750c2e75b294132b15b38b8f8b08 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-RQE1VVYh98pDtNWGUU3tcPK0KCQ'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-aqRvKhIqfKijdJxUSlppoxrjMA'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-rwOs8rJnFK9CgtA46DvB2hULY'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-ZX4KcLC73OfudtVoLFcwtDALWTQ'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-qMHdCb6xKI8K6kal01iaFmdDfE'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-1YQM2n4dfD1cQ77QteroN8WL0uk'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-3yCvlnDSJ0TQzcVv7IlgyR3A'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-I6StmlmWd8YnwQ6bbEK7x76XbwU'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-oiqFGyOdrjFzwQpzRbbhyuaJFo'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-D5yu0pHqUXRitNAwuysR1tAFek4'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-UvwP1rcQP8TX7RUO7kDRlnCi4'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' https: 'unsafe-inline' data: 'unsafe-eval'; report-uri https://servix.idnes.cz/log/csp-report.aspx?w=metroh&d=2018-12-09 1
default-src 'self';font-src 'self' data:;style-src 'self' 'unsafe-inline';img-src vontobel-cloudbased-streaming.s3.amazonaws.com 'self' data: ssl.siteimprove.com ad.doubleclick.net statse.webtrendslive.com www.google-analytics.com analytics.twitter.com www.facebook.com t.co;script-src 'self' 'unsafe-inline' *.linkedin.com analytics.twitter.com www.facebook.com snap.licdn.com www.google-analytics.com s.webtrends.com tags.tiqcdn.com static.ads-twitter.com connect.facebook.net 'unsafe-inline' siteimproveanalytics.com static.ads-twitter.com t.co snap.licdn.com google-analytics.com s.webtrends.com tags.tiqcdn.com;frame-ancestors 'self';frame-src 'self';media-src vontobel-cloudbased-streaming.s3.amazonaws.com;report-uri /csp/report/; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-ynvLem4UHBswSeuHat659Fd2BT8'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' https:; child-src 'self' https: data:; connect-src 'self' https: wss:; font-src 'self' https: data:; img-src 'self' https: data:; media-src 'self' https: data:; object-src 'self' https:; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp-report?source%5Baction%5D=index&source%5Bapp%5D=Brochure&source%5Bcontroller%5D=home&source%5Bdomain%5D=www.shopify.my&source%5Bsection%5D=brochure&source%5Buuid%5D=ea210fed35a7531b996b26c34f186b61 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-IcS3YFEukrKrYgaTPZEXoG9nADw'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src data: https: 'unsafe-inline' 'unsafe-eval'; report-uri https://vt10vpk1pwmhvvxkjjkt7dfo.httpschecker.net/report; report-to https://vt10vpk1pwmhvvxkjjkt7dfo.httpschecker.net/report 1
script-src https://www.lookfantastic.com.hk https://m.lookfantastic.com.hk 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.lookfantastic.com.hk/cspReport.txt; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-nn6ukb3UQR8avjflsNm9gkcYPfk'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-ZN9jefKrAEHqNuG8UPjRdL3rRHQ'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-nqWsvpiuG0mrSsynYvioamPQfQ'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
child-src 'self' www.youtube.com staticxx.facebook.com w.soundcloud.com player.vimeo.com; connect-src 'self' bearshares.com https://cdn.bearsharesimages.com https://images.bearshares.com https://bearsharesimages.com https://api1.bearshares.com https://api.bearshares.com api.blocktrades.us; default-src 'self' www.youtube.com staticxx.facebook.com player.vimeo.com; font-src data: fonts.gstatic.com; frame-ancestors 'none'; img-src * data:; object-src 'none'; plugin-types application/pdf; script-src 'self' www.google-analytics.com connect.facebook.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com; report-uri /api/v1/csp_violation 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-dB89b7lgOMcR2Lbz85hM7FL8NMI'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-N924IRwj7R3qSk8CYc8jJDAZII'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-eq0jxkiBOSBBWMl1vANQRyFt8'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' www.youtube.com www.cut-e.net; script-src 'unsafe-inline' 'unsafe-eval' https:; connect-src 'self'; img-src data: https:;  style-src 'unsafe-inline' https:; media-src 'self' vidassess.blob.core.cloudapi.de vidassessprod.blob.core.cloudapi.de vidstorage.maptq.com; font-src data: https: 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-TSFHlsjK2AvYNOp1p1AWMRViKho'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-CMFoRDJA7mhIJhv5YQE6mtNU'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src https://ajax.googleapis.com/ 'unsafe-inline' https://cdnjs.cloudflare.com/ https://maps.googleapis.com/ 'unsafe-eval' https://www.mapquestapi.com/ https://tileproxy.cloud.mapquest.com/ 'self' https://ajax.aspnetcdn.com/ https://www.google-analytics.com/ https://www.yextstatic.com/ https://www.googleapis.com/; report-uri /cspreports/warn 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-7uVU1tRQHdICdK0FC8rcdO7VzJU'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-OoDLO4Q1qe3W3qwxrytMTWOxzFA'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
frame-ancestors https://www.meinesv.at http://www.sozialversicherung.at https://www.sozialversicherung.gv.at; frame-src https://www.meinesv.at http://www.sozialversicherung.at https://www.sozialversicherung.gv.at https://sso.sozialversicherung.at; report-uri https://www.sozialversicherung.at/cds_csp/ 1
script-src https://www.myprotein.at https://m.myprotein.at 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.myprotein.at/cspReport.txt; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-2YPcrHjSGeKW6cZrLWhdWT5dMJw'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; object-src 'self' blob:; font-src https: data:; report-uri /csp-report 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-4aquw28SAI0fkk5UsiaLp4FwVxU'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-6vnOQ7vcmg5fAVZylzkdYNCJ1oI'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-P4iFKatsbJkpoE7FFwBVa3Yf2r8'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-EIDLU4q8k4IafZoxhwpxGS6Uhh4'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-zA5HOSysXC8nOoVyFYtNXeSsch0'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-bD9vn7oTzUcb0fBCpdSutx4IhI'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-TBO8gNeEluiR4N03U34H1xZ7c'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-LKmOptt4n0BFKLh2dYyAW7Lfn4'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-pB9rGtsDekCMKbjcoCCbXEwd5zo'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-jUDiGdFh4PKOaqrr0We7JSDHzc'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' carjam.co.nz *.carjam.co.nz; connect-src 'self' carjam.co.nz *.carjam.co.nz www.google-analytics.com stats.g.doubleclick.net www.facebook.com; font-src 'self' carjam.co.nz *.carjam.co.nz data: d1oe1cut6yqpb4.cloudfront.net fonts.gstatic.com; frame-src 'self' carjam.co.nz *.carjam.co.nz staticxx.facebook.com www.facebook.com connect.facebook.net web.facebook.com www.youtube.com www.googletagmanager.com; img-src *; media-src 'self' carjam.co.nz *.carjam.co.nz www.youtube.com; object-src 'self' carjam.co.nz *.carjam.co.nz; script-src 'self' 'unsafe-inline' https: 'nonce-d96756e941' 'strict-dynamic'; style-src 'self' carjam.co.nz *.carjam.co.nz d1oe1cut6yqpb4.cloudfront.net staticxx.facebook.com www.youtube.com 'unsafe-inline'; report-uri https://nzpro.com/csp-prod.php; 1
default-src https: 'unsafe-inline' 'unsafe-eval' data: about:; report-uri /_resources/php/csp-report.php 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-YroZnXWYgbIsIM2bDFkmldMEYF0'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-6j6NOwMwagDhk3x0Cmu6TjR3E'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-bTWTtehkvD4NzbeZ1IXQxqAM'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Zq7slgXOLjsbXhHHxTEs3PCLEs'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https: data: blob:; style-src 'unsafe-inline' https:; report-uri https://www.check24.net/csp-violation-ezmd9dpdxv7nb0ecejb9/ 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-k3gr0DTIqe7eJiar8xbKzgUPC4'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-ZUNTDQWdVWHa9cB8mgYYBYylIto'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-2gri58NNwzVHCqhOykTfLhKO6AE'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri https://cdn.vsadu.ru/csp_report 1
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.google-analytics.com www.gstatic.com ajax.googleapis.com www.google.com widget.intercom.io www.googleadservices.com googleads.g.doubleclick.net https://js.intercomcdn.com; style-src 'self' 'unsafe-inline' ajax.googleapis.com; font-src 'self' fonts.gstatic.com js.intercomcdn.com; img-src 'self' data: https://ssl.google-analytics.com https://ajax.googleapis.com https://*.intercomcdn.com https://static.intercomassets.com/; frame-src www.youtube.com www.google.com; connect-src 'self' wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io *.intercom.io https://uploads.intercomcdn.com/; media-src 'self' https://js.intercomcdn.com/; report-uri /callback/csp-report.php; 1
script-src 'self' 'unsafe-eval' 'unsafe-inline' safari-ukraina.com www.googletagmanager.com www.google-analytics.com yandex.st mc.yandex.ru clck.yandex.ru api-maps.yandex.ru geocode-maps.yandex.ru *.yandex.ru metrika.yandex.ua mc.yandex.ru yastatic.net www.googleadservices.com googleads.g.doubleclick.net d31j93rd8oukbv.cloudfront.net mc.webvisor.org maps.googleapis.com *.jivosite.com *.privatbank.ua www.youtube.com s.ytimg.com *.ampproject.org https://static.mailerlite.com cdn.jsdelivr.net; default-src 'self' *.jivosite.com; frame-src *.safari-ukraina.com vkontakte.ru yastatic.net www.facebook.com vk.com api-maps.yandex.ru bid.g.doubleclick.net www.youtube.com *.google.com cdn.jivosite.com cdn-cis.jivosite.com https://static.mailerlite.com; img-src *.safari-ukraina.com data: yastatic.net www.google-analytics.com stats.g.doubleclick.net api-maps.yandex.ru *.maps.yandex.net google-analytics.bi.owox.com 130.211.91.193 informer.yandex.ru www.google.com mc.yandex.ru www.google.com.ua googleads.g.doubleclick.net mc.webvisor.org csi.gstatic.com maps.googleapis.com maps.gstatic.com twemoji.maxcdn.com s3-eu-west-1.amazonaws.com ymetrica.com i.ytimg.com; style-src 'unsafe-inline' 'self' safari-ukraina.com fonts.googleapis.com https://static.mailerlite.com; report-uri http://csp.safari-ukraina.com; connect-src 'self' mc.yandex.ru www.youtube.com *.googlevideo.com www.google-analytics.com google-analytics.bi.owox.com 130.211.91.193 api.maps.yandex.ru mc.webvisor.org *.jivosite.com ymetrica.com wss://chat.jivosite.com wss://chat4-1.jivosite.com *.ampproject.org stats.g.doubleclick.net www.google.com www.google.com.ua; object-src 'self' www.youtube.com; font-src 'self' fonts.gstatic.com; 1
frame-ancestors https://www.auva.at http://www.sozialversicherung.at https://www.sozialversicherung.gv.at; frame-src https://www.auva.at http://www.sozialversicherung.at https://www.sozialversicherung.gv.at https://sso.sozialversicherung.at; report-uri https://www.sozialversicherung.at/cds_csp/ 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-yipzi7hAVc3k23uAnHvEgyu7zc'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src https://www.glossybox.at https://m.glossybox.at 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/ https://dnn506yrbagrg.cloudfront.net; report-uri https://www.glossybox.at/cspReport.txt; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-xpLHSdjIOt7ogd4rb99LRXSLYyc'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-RycUvq9NCmvC3i6zuwlYB6xbeGs'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self' https:; child-src 'self' https: data:; connect-src 'self' https: wss:; font-src 'self' https: data:; img-src 'self' https: data:; media-src 'self' https: data:; object-src 'self' https:; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp-report?source%5Baction%5D=index&source%5Bapp%5D=Brochure&source%5Bcontroller%5D=home&source%5Bdomain%5D=www.shopify.co.za&source%5Bsection%5D=brochure&source%5Buuid%5D=123de497e8b1736d037af6a7c7afc421 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-QylmXxqNV4KXogfEI8jFTAqdOpw'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-1XpMMtAenKJvWvQmdYL5USbAKU'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-yCZIt2t5O9MbY5457vTCwUh3JOg'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src *; style-src *  data: 'unsafe-inline'; img-src *  data:; font-src *  data:; connect-src *; media-src * ; frame-src *;  script-src * data: 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-PFzn6Czgnr8QlFGxx153DSnJjA'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src data: https: 'unsafe-inline' 'unsafe-eval'; report-uri https://plt1le3fmlpnruqbyz3v0887.httpschecker.net/report; report-to https://plt1le3fmlpnruqbyz3v0887.httpschecker.net/report 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-sXFAocJDoQlY9zDQ1d3sqqpJ3M'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self' https: 'unsafe-inline' data: 'unsafe-eval'; report-uri https://servix.idnes.cz/log/csp-report.aspx?w=labuznik 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-8qqranczanYAzaTsb2AkXZZzsx0'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' https://www.google-analytics.com www.google-analytics.com ajax.googleapis.com https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline'; report-uri /csp.php; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-vDbOeP9xKPKM6BjMoEzockwUQ'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src https://www.myprotein.com.hk https://m.myprotein.com.hk 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.myprotein.com.hk/cspReport.txt; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-3BQgrIeSGOEXYZxaJsd3JkRlU'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src https://www.glossybox.fr https://m.glossybox.fr 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/ https://dnn506yrbagrg.cloudfront.net; report-uri https://www.glossybox.fr/cspReport.txt; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-zwiJjtT25AnBFOYIfamrpN1c'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-cguwgBfwyOimUyA7dSLxcX2nY'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-inRbQ2TZy2gf2vWxztHnHz5k'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-7fYzCbdsEEYakUUwx8mFhAWfm5c'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-DpxnQs6MvPERGs9wVrjn2h2DnUg'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-OfmUH9gULcoKBSEzGFIzibs1Fe8'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-nxY31sSsDRpdfE8O0hWdv2N1uWc'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-mcH36Kzvwue4kFuXFuAujqP4sA'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-PSPT2TQqKtMcRjgAXUWj0VgVQuk'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-W4EXet8vb3ERPZA8AgQ9mqeJQ'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-gLh1ItpoVOTLVzFUmmiPESsPo'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-ROaNxAKfE4fbdoc0rgdRAhercGk'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-gzAV4hj2KxtpgUZynEBEqqrvY8'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-v53rARMaxJTHp9XUw8G9VtUgk'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-fselMzLIuUuLYjTeKfDE99iwJJw'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-He9KkBVjxxCW1m7XCY4obXTFKmw'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-rfVSoXZf4zNfBsAJhDXbnMtp4e4'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-CllBfU3DCpaGde1OuxCd1FB02k'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Mg7b3WHSNc1CJK5i5MOzGuefWI'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=f93e3bf4-a1fc-46a2-918a-eabe5bd78aa6&version=abdcaa3df793750c2e75b294132b15b38b8f8b08 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-HLfczxsOnRW38RA0KRwBgwJcU'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-IeFj12AYZvET3OyfRzouJEioc0'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-rwY2zQ3BRX6Mz75HCWvZlRQXJ0'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://www.googleadservices.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://connect.facebook.net https://chat.mcl.de https://ssl.livezilla.net/ https://d10lpsik1i8c69.cloudfront.net; style-src 'self' 'unsafe-inline' https://chat.mcl.de https://fonts.googleapis.com https://d10lpsik1i8c69.cloudfront.net; img-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://media.mcl.stage.s2com.cloud https://media.mcl.test.s2com.cloud https://media.mcl.dev.s2com.cloud https://media.mcl-content.de https://www.facebook.com https://www.google.com https://www.google.de https://chat.mcl.de https://d10lpsik1i8c69.cloudfront.net; connect-src 'self' https://www.google-analytics.com https://pubsub.googleapis.com wss://in.visitors.live wss://visitors.live https://settings.luckyorange.net; font-src 'self' https://fonts.gstatic.com; object-src 'self'; media-src 'self' https://d10lpsik1i8c69.cloudfront.net; frame-src 'self' https://www.facebook.com; form-action 'self' https://www.facebook.com; report-uri /csp/report.php; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-qx4KQJUzVsWIiHyNBV4795djM'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-UYEB6AD0oO1HBmk5scBPZlhYU'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Scw5wCGnDeQiH0dyn46L5m0VEsA'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self'; manifest-src 'self'; style-src 'unsafe-inline' https://*.googleapis.com https://*.relappro.com https://*.cloudfront.net 'self'; frame-src https://*.googleapis.com https://*.criteo.com https://*.pubmatic.com https://*.addthis.com https://*.leadplace.fr 'self' https://*.g.doubleclick.net https://*.360yield.com https://*.youtube.com https://*.googlesyndication.com https://*.outbrain.com https://*.adnxs.com https://*.smartadserver.com; font-src https://*.gstatic.com https://*.cloudfront.net 'self'; media-src https://*.relappro.com 'self'; object-src 'self'; worker-src 'self'; script-src https://*.googleapis.com https://*.sascdn.com https://*.pubmatic.com https://*.themoneytizer.com https://*.leadplace.fr https://*.cpx.to https://*.googlesyndication.com https://*.outbrain.com https://*.google-analytics.com https://*.smartadserver.com 'self' https://*.heatmap.it https://*.quantserve.com https://*.relappro.com 'unsafe-eval' https://*.g.doubleclick.net https://*.google.com.mx 'unsafe-inline' https://*.google.com https://*.criteo.com https://*.quantcount.com https://*.addthis.com https://*.cloudfront.net https://*.tmyzer.com; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_5c7dfcd3e065470cb36f976712d50d51; child-src 'self'; connect-src https://*.criteo.com https://*.addthis.com https://*.rubiconproject.com https://*.adtech.advertising.com 'self' https://*.g.doubleclick.net https://*.360yield.com https://*.adnxs.com https://*.tmyzer.com; img-src https://*.sascdn.com https://*.pubmatic.com https://*.relappro.com https://*.rubiconproject.com https://*.cpx.to 'self' https://*.outbrainimg.com https://*.g.doubleclick.net https://*.heatmap.it https://*.quantserve.com https://*.cloudfront.net https://*.googlesyndication.com https://*.outbrain.com https://*.google-analytics.com https://*.adnxs.com https://*.stickyadstv.com https://*.smartadserver.com 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-pKIlAG6l1wvhFi8j3VoIGs2NQ'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-ABlQHogZcL9vQcKDIqHTQqCtUU'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-i3zhBaYg7ne8QdaySH63YC92ArM'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-VMELth2nSTXg1I9PlT5g1JRsrc'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-hnaRzSPBhaOtbAzCfv4ClDNf4M'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-AslIVYlXRh7JqafkTGtEZijVRBE'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-oNJ9UXnuuHpcciV0oTyN2kkwPU'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
style-src 'self' 'unsafe-inline' https: http://fonts.googleapis.com 'self';script-src 'self' https: 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-ztjCdANU6X9cl0wHMFvmDnObU'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
report-uri /api/csp-violation-report 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-os08rCoQPD1HeEZg1Y7reFrJWvQ'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-nr2C6c4inYbSTm9GHpkcVubFRJ8'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-UiWL1ZVKuHWKvLvBSsjd5dnCX7w'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-LCNzUlKZIpSJOk5z7EXNSSPfjY'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-EMjBREjDJEZAKhIEeW1y6i4Piak'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-7vrNbaLzKpwtYj5VU4ok5UUc5U'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Pi9TxKSQTy74yFAellTD6NiQWU'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-U6WM3wwq5NtisLrRrnoC8yEotI'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-qK3ipmX56PAdEIBAfd0JNxdtdn4'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-jAhpYYQBxSmRVyznioEtfy1beA'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-WxtgzQLlW63URM4AlqSqIgJGRlA'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-WClg3tMw2i1Ytlq3DEnkkX49RaY'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-7s4IbInLNk3sj0bR9ti3LPtn2k'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Ab5MsQPYyteGQLYWJROqNZgvw'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Xhs6gaClp9dFfpSuPYpRUs9W3n0'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-zszf0D0tPULMhxpfKuK4AG4SWY'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-OosCXOSZPdhDUr6TscwJFiZRQ'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-sl2rQoh6bMQTKBjOp2yR5aYPHI0'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-VtOOqxXKaL7Tjk6AwWlcsDE67Q'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-fKAVYzbgz5CJN8Z6Kx037lje1M'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-mU3cTmrOLRwRxyjmbuH1Tcvf20'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Lg7tQpR6wNWam8sKPx3HB905A'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-JEUwVNjrUxVTbbBx9PQxwEPSkN0'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-ECT88Ylt5jixbYrRA99AhHMcsY'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-9mBxcuCwyXYOki1XbMnBVHClI'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-yUnK2X1p9q7hSTjGOoahIpehpc'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-CU6f23ahpXmwljNayA1SlCw2zQ'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-vHYbMJYkMy42xBvqB3grI2CBc'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report; frame-src https: 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://vadjmzmgyvntpto0m35wwzv6.httpschecker.net/report 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-QAqnCDPnN4ugFdMCw0VwTIpV2c'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-fS0vzZqzWJzBK1bhTajYSpwwh5s'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-5X9AEKHDdlaEEP67OSZoHKOCJ8'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:;style-src https: 'unsafe-inline';connect-src https:;frame-src https:;script-src 'unsafe-eval' 'unsafe-inline' https: blob: data:;font-src https: data:;img-src https: data:;media-src https: blob:; report-uri https://collector.schibsted.io/api/v1/csp/lindesnes/publishing/pro 1
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://api.tiles.mapbox.com/ https://code.jquery.com/ https://unpkg.com/ https://fonts.gstatic.com/ https://maps.gstatic.com/ https://maps.googleapis.com/ https://fonts.googleapis.com/ https://ajax.googleapis.com/ www.google.com ajax.googleapis.com www.googletagmanager.com www.google-analytics.com www.gstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://api.tiles.mapbox.com/ https://code.jquery.com/ https://unpkg.com/ https://maps.googleapis.com/ https://fonts.googleapis.com/ https://ajax.googleapis.com/ www.google.com ajax.googleapis.com www.googletagmanager.com www.google-analytics.com www.gstatic.com; object-src 'none'; connect-src 'self' 'unsafe-inline';img-src 'self' 'unsafe-inline' https://api.tiles.mapbox.com/ https://unpkg.com/ https://maps.gstatic.com/ https://maps.googleapis.com/ www.google.com ajax.googleapis.com www.google-analytics.com stats.g.doubleclick.net data: ; style-src 'self' 'unsafe-eval' 'unsafe-inline' https://unpkg.com/ https://fonts.gstatic.com/ https://maps.googleapis.com/ https://fonts.googleapis.com/ ;sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-modals allow-orientation-lock allow-pointer-lock allow-presentation allow-popups-to-escape-sandbox allow-top-navigation; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-hbDGFoq7jtMBro20ke4Klffp8'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src https: 'self'; font-src https: data:; img-src https: data:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; report-uri https://dxw.report-uri.com/r/d/csp/reportOnly 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-g1avMeJVnpNuGEuSHr4alyeaSgY'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-317G7CcX7DAEC1Xm4ZsHuzATsU'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-WhHqpshXRuiMCire153A7zrKSY'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Ulo16vrMfVdV0CuoRv0M94M14'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-RwXY7hRbq5Yn5K7eOmmvcbbGQ'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-nUYDEneBwno1pvJqvVMG9koRpk'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.intuit.com intuit.com *.quickbooks.com quickbooks.com *.square.com square.com *.squareupstaging.com squareupstaging.com *.squareup.com squareup.com; script-src * 'unsafe-inline' 'unsafe-eval' data: blob:; report-uri https://simplyinsured.report-uri.com/r/d/csp/reportOnly 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-g9dHRiciHboh3ydvbkbCabtOME'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-6bjd6MdXtbUHsULXHA7N9nEVrZo'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Jgf0W3Jzczr307hJhXFkLEMpuYs'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-5u2tkpQNuqGakQ5nGTRgioNiFz0'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-noX6xb13WyhdlgQTv2Aky3ocxI'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-npPtPrjJlUz0dL2BKmKhXu184'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-gFDR5W5Oj0x2ngky0B61KvlWiTI'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Fvg4BBHuQXdwHIvmkA2JndDNqo'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-JyEgvBjneDGPrcFgfU37CwVhK00'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-mxPo3lrQMWzJ7N0pascpHgCPVBo'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-NOEgHu36OmyC4TaKRFqFM7bMhk'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-unzhkoyGeSslCsXgZOI74f7Yneg'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-SyWyLGTsRg2fIotsLHg3fUPeVgQ'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-hfLayfgZnpPpkySmzsusLFOzI'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-SvqRfNRdE0qjMKfx3mGMLUjw'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-lw0gZpyb6EIvhaMKOhgYNR2Znyo'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-AsAYu9JZrGQlSCgDfHqvli5diME'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-CmBrFRzUxKOeT5FF249Po7tGc'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-92B5OYYXWfiL7dOtYRG5gkpfDw'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-EcXyW1HiHWjPlpS4DdyA7i4Pw'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-XyQIPHSr3WCfyNEkm8CWurKS4sA'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-miIEFuyzLf95z66EicmGk2DHYk'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' 'report-sample'; connect-src 'self' 'report-sample' bam.nr-data.net js-agent.newrelic.com api.mixpanel.com *.pendo.io sdr.totango.com *.typeform.com opallabs.zendesk.com *.app.box.com *.cloudinary.com s3.amazonaws.com app.zencoder.com cloudinary-cdn.workwithopal.com i.embed.ly d3iqftjt1wcsda.cloudfront.net push.ouropal.com wss://push.ouropal.com ws://localhost:8081, localhost:8081; font-src 'self' 'report-sample' data: *.gstatic.com; frame-src 'self' 'report-sample' workwithopal.app.box.com; img-src 'self' 'report-sample' data: snapshots.ouropal.com  bam.nr-data.net js-agent.newrelic.com api.mixpanel.com *.pendo.io sdr.totango.com *.typeform.com opallabs.zendesk.com www.opalstaticassets.com static-assets.ouropal.com d3kqos85so40zc.cloudfront.net login.ouropal.com universe.ouropal.com/ *.gstatic.com translate.google.com *.googleapis.com *.app.box.com *.cloudinary.com s3.amazonaws.com app.zencoder.com cloudinary-cdn.workwithopal.com i.embed.ly d3iqftjt1wcsda.cloudfront.net opal-elixir.herokuapp.com; media-src 'self' 'report-sample' *.app.box.com *.cloudinary.com s3.amazonaws.com app.zencoder.com cloudinary-cdn.workwithopal.com i.embed.ly d3iqftjt1wcsda.cloudfront.net opal.s3.amazonaws.com; script-src 'self' 'report-sample' 'unsafe-eval' 'unsafe-inline' push.ouropal.com bam.nr-data.net js-agent.newrelic.com api.mixpanel.com *.pendo.io sdr.totango.com *.typeform.com opallabs.zendesk.com www.opalstaticassets.com static-assets.ouropal.com d3kqos85so40zc.cloudfront.net login.ouropal.com universe.ouropal.com/ translate.google.com *.googleapis.com; style-src 'self' 'report-sample' 'unsafe-inline' bam.nr-data.net js-agent.newrelic.com api.mixpanel.com *.pendo.io sdr.totango.com *.typeform.com opallabs.zendesk.com www.opalstaticassets.com static-assets.ouropal.com d3kqos85so40zc.cloudfront.net login.ouropal.com universe.ouropal.com/ *.gstatic.com translate.google.com *.googleapis.com opal-elixir.herokuapp.com; report-uri /log/csp_violation 1
default-src https:; base-uri 'self'; script-src 'unsafe-inline' https: 'nonce-hYxALbgOXGwlhg==' 'strict-dynamic' 'unsafe-eval' *.zulily.com 'report-sample'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; object-src 'none'; block-all-mixed-content; report-uri https://productreviews-ext.prod.store.aws.z8s.io/csp-report-violations-report-only; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-MeilnldENdv7Lur1HgtwWqn9c'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-ZJ5LhqK5tCTycgdFxOyUQAwAs'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src https://www.dietaexante.es https://m.dietaexante.es 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.dietaexante.es/cspReport.txt; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-hLS6anHfnM7eAhjSRKaNtbAJM'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-9rOJnIHg41FczC2Pp2yg87jVyko'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-5XEQ7ezpI3fSv7fqPbDHG3xPjY'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-nA5hZpLmCYygiWSO8JpDS00GFUw'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-fx0Vfzdkx8l2107OlxRAgKjapE'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-O8YJyBPtyXcyjeUDvTBlYXmhw'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Y31gS0NRmuPXJGfS3MgT0ftJBQ'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-oV8Vj0iD26dx1KvYYtlFGBMwEV4'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-m6aRLo61aOmhPJnemaSGeCRmMmE'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src https://www.zavvi.nl https://m.zavvi.nl 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/ https://fp.zenaps.com https://pagead2.googlesyndication.com https://securepubads.g.doubleclick.net; report-uri https://www.zavvi.nl/cspReport.txt; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-C1rxVTJ2HGxxng53yRag5EMmCGI'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-AykM4k5eR78TbpHZbE3lVJde8k'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-LS8AKXKkymQvPEIw6GeTPbHvSU'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-PY5CEXMIMz2W4rARHWaSetXfjIM'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-JrLLxtT2YfsDjd0QOAzlAG4mQ'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-HIyYCBtrwRV3gU950PbxuCPzEvE'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-YsXPUo95F7Scap0KLf0L5Puc'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-4PAi8HVN2pmg6Do1qSPhw0CcZs'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-as2u5FjUdyteSc2lY1cfKJKA'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' 'unsafe-inline' *.google-analytics.com *.doubleclick.net data:; connect-src 'self'; report-uri https://deuxhuithuit.report-uri.io/r/default/csp/reportOnly 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-LufJjTP8CM8gHjBDj6YST36bKfk'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-ZbtRy7st7tjHxCLyA3CS3sAxms0'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-u7Lp1Oe1oyVdgMpGMU5zwyW23M'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self'; connect-src https://*.tawk.to wss://*.tawk.to 'self'; font-src https://*.tawk.to https://*.gstatic.com https://*.googleapis.com data: 'self'; frame-src https://*.tawk.to 'self'; img-src * data:; script-src https://www.google-analytics.com https://www.googletagmanager.com https://*.tawk.to https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' 'self'; style-src https://cdn.jsdelivr.net https://*.googleapis.com 'unsafe-inline' 'self'; report-uri /lift/content-security-policy-report 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-V603X2vh7hjm4O4Z13SHkXaZGTA'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self' https:; child-src 'self' https: data:; connect-src 'self' https: wss:; font-src 'self' https: data:; img-src 'self' https: data:; media-src 'self' https: data:; object-src 'self' https:; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp-report?source%5Baction%5D=index&source%5Bapp%5D=Brochure&source%5Bcontroller%5D=home&source%5Bdomain%5D=www.shopify.com.sg&source%5Bsection%5D=brochure&source%5Buuid%5D=7f4f5095241461e99f2fcd1985194aed 1
default-src 'self'; img-src 'self' https: data:; script-src 'self' https://cdn.polyfill.io https://code.jquery.com https://cdnjs.cloudflare.com https://*.wistia.net https://*.wistia.com https://*.facebook.com https://*.facebook.net https://*.google.com https://*.google.co.uk https://google-analytics.com https://*.google-analytics.com https://*.googleapis.com https://*.googleadservices.com https://*.googletagmanager.com https://*.doubleclick.net https://*.responsetap.com https://*.twitter.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://use.fontawesome.com https://*.wistia.net https://*.wistia.com https://*.facebook.com https://*.facebook.net https://*.google.com https://*.google.co.uk https://google-analytics.com https://*.google-analytics.com https://*.googleapis.com https://*.googleadservices.com https://*.doubleclick.net 'unsafe-inline'; font-src 'self' https://use.fontawesome.com https://storify.com https://fonts.gstatic.com data:; child-src https://*.wistia.net https://*.wistia.com https://*.facebook.com https://*.facebook.net https://*.google.com https://*.google.co.uk https://google-analytics.com https://*.google-analytics.com https://*.googleapis.com https://*.googleadservices.com https://*.doubleclick.net https://*.twitter.com http://storify.com https://widget.trustpilot.com; frame-src https://*.wistia.net https://*.wistia.com https://*.facebook.com https://*.facebook.net https://*.google.com https://*.google.co.uk https://google-analytics.com https://*.google-analytics.com https://*.googleapis.com https://*.googleadservices.com https://*.doubleclick.net https://*.twitter.com http://storify.com https://widget.trustpilot.com; connect-src 'self' https://*.google-analytics.com https://*.doubleclick.net https://*.google.com; object-src 'none'; base-uri 'none'; upgrade-insecure-requests; report-uri https://lotusgroup.report-uri.io/r/default/csp/reportOnly; media-src 'self'; worker-src 'self' 1
default-src data: https: 'unsafe-inline' 'unsafe-eval'; report-uri https://biggreensmile.report-uri.io/r/default/csp/reportOnly 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-vOANKKXYg0kCeqyGiBPCGN1pOU'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src https://www.lookfantastic.gr https://m.lookfantastic.gr 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.lookfantastic.gr/cspReport.txt; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-fgg7oaSvnEdLNAxEe4bg6vACM'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self' 'unsafe-inline' data: static.medallia.com bugreport.medallia.com https://www.google-analytics.com/ https://fonts.gstatic.com/ https://fonts.googleapis.com/ https://chart.googleapis.com/ https://cdnjs.cloudflare.com/ https://maxcdn.bootstrapcdn.com/ https://netdna.bootstrapcdn.com/ cdn.medallia.com https://*.cdn.survey.medallia.com/ https://col.eum-appdynamics.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' 'nonce-011e1343533f4f5fba79880e817e0dd1' static.medallia.com bugreport.medallia.com https://www.google-analytics.com/ https://fonts.gstatic.com/ https://fonts.googleapis.com/ https://chart.googleapis.com/ https://cdnjs.cloudflare.com/ https://maxcdn.bootstrapcdn.com/ https://netdna.bootstrapcdn.com/ cdn.medallia.com https://*.cdn.survey.medallia.com/ https://col.eum-appdynamics.com/ https://s3.amazonaws.com/cdn.m8s.io/ https://s3.amazonaws.com/cdn.medallia.com/ https://nebula-cdn.kampyle.com/; report-uri /csp-report/; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-45MsLRLduotk4tT6oPcAriHhRiw'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self'; script-src 'self' 'unsafe-inline' *.questionpoint.org; style-src 'self' 'unsafe-inline'; img-src 'self'; frame-src *.questionpoint.org; upgrade-insecure-requests 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-DK6tdX9PGqy03O7GWhBvms35M8'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src https://www.google-analytics.com 'self' https://*.akamaihd.net https://*.wistia.com; media-src https: http: ; script-src https://*.wistia.com https://*.wistia.net https://*.cloudflare.com https://*.twimg.com/ https://*.wistia.com 'self' 'unsafe-inline' 'unsafe-eval' https://*.twitter.com https://*.google-analytics.com https://*.doubleclick.net https://www.googletagmanager.com https://*.googleapis.com https://www.googleadservices.com; connect-src https://*.akamaihd.net https://*.litix.io https://*.wistia.com https://*.wistia.net https://*.google-analytics.com https://*.doubleclick.net 'self' wss://bitcoingold.org wss://explorer.bitcoingold.org; img-src 'self' https: http: data:; style-src 'self' 'unsafe-inline' https://*.googleapis.com https://*.twitter.com https://*.twimg.com; font-src data: https://*.twitter.com 'self' https://themes.googleusercontent.comi https://*.gstatic.com https://*.googleapis.com https://*.w.org; frame-src https://*.wistia.com https://*.wistia.net https://*.twitter.com https://*.doubleclick.net 'self' https://*.facebook.com; object-src 'self' https://*.bitcoingold.org; report-uri https://bitcoingold.org/csp-report/ 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-fiG1YiDkY1DZVR08tdItjPGgOkk'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-eYt8nDiMR5nEuHB1cljVcHQrJc'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-1NqDDEZCg3pN31KqQmWTqfkBSgk'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self';report-uri https://www.wimpykidclub.co.uk/csp/report;style-src 'unsafe-inline' https://www.wimpykidclub.co.uk https://*.wimpykidclub.co.uk http://www.wimpykidclub.co.uk http://*.wimpykidclub.co.uk http://*.myfonts.net http://*.googleapis.com http://*.wpengine.com https://*.wpengine.com;script-src 'unsafe-inline' 'unsafe-eval' https://www.wimpykidclub.co.uk https://*.wimpykidclub.co.uk http://www.wimpykidclub.co.uk http://*.wimpykidclub.co.uk https://*.google-analytics.com https://www.google-analytics.com http://www.google-analytics.com https://www.youtube.com https://*.ytimg.com https://*.doubleclick.net http://*.wpengine.com https://*.wpengine.com https://connect.facebook.net http://assets.adobedtm.com https://assets.adobedtm.com;img-src 'self' data: https://www.wimpykidclub.co.uk https://*.wimpykidclub.co.uk http://www.wimpykidclub.co.uk http://*.wimpykidclub.co.uk http://pearson.122.2o7.net https://*.google-analytics.com https://www.google-analytics.com http://www.google-analytics.com http://*.gravatar.com https://*.gravatar.com https://*.doubleclick.net https://*.wpengine.com https://*.facebook.com http://therandomhousegroupltd.d3.sc.omtrdc.net https://therandomhousegroupltd.d3.sc.omtrdc.net;font-src 'self' data:;connect-src 'self' https://*.wpengine.com http://therandomhousegroupl.tt.omtrdc.net https://therandomhousegroupl.tt.omtrdc.net;frame-src 'self' http://www.youtube.com http://*.youtube.com https://www.youtube.com https://*.youtube.com https://*.doubleclick.net; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-0L965k3MObCAcXpKApeHeUWvY'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-arqD7fL1CRxwgKUZCIXDFhADVY'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-q6JNzWXKgsfOolgDNhgX4aaAU'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-nOLVLgHXQxrM9X7DXU6D2NVIk'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google.com *.gstatic.com *.googleapis.com www.googletagmanager.com smartlock.google.com www.google-analytics.com accounts.google.com cdnjs.cloudflare.com; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src 'self' data: mtd.org *.medium.com *.gstatic.com *.ggpht.com www.google-analytics.com www.googletagmanager.com *.googleapis.com *.googleusercontent.com www.google.com www.gravatar.com *.umbraco.org; font-src 'self' data: *.gstatic.com; connect-src 'self' *.mtd.org cdnjs.cloudflare.com *.gstatic.com www.google-analytics.com *.googleapis.com www.googletagmanager.com smartlock.google.com maps.googleapis.com stats.g.doubleclick.net; media-src 'self' ; frame-src 'self' www.google.com www.youtube.com smartlock.google.com; worker-src 'self' ; form-action 'self' ; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-scripts allow-same-origin allow-scripts allow-top-navigation allow-presentation; base-uri https://mtd.org; manifest-src 'self'; report-uri https://ridemtd.report-uri.com/r/d/csp/reportOnly; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-1U7BhseYeKs2eeQaOcjhXHxfcI'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-01V95PBxr3ZD50hhjai5yQjca70'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Bs2KKzb8vgUw4XpeC7cel4WKxM'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'none'; form-action 'none'; img-src 'self' data:; script-src 'self' https://cdn.segment.com https://sdks.shopifycdn.com https://cdn.optimizely.com https://cdn.ravenjs.com; style-src 'self' 'unsafe-inline'; connect-src 'self' https://automaticapp.myshopify.com https://*.optimizely.com https://api.segment.io https://sentry.io https://google-analytics.com; font-src 'self'; media-src 'self'; plugin-types 'none'; report-uri https://automaticlabs.report-uri.com/r/d/csp/reportOnly 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://btheekxw2lmuttumhklu4tyz.httpschecker.net/report 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-t84v6QxswM6e1Ejm4lokC1MSlgs'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https: *.go-mpulse.net apis.google.com assets.adobedtm.com *.cloudfront.net nxtck.com ssl.gstatic.com ws.sessioncam.com *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com googleads.g.doubleclick.net connect.facebook.net www.googleadservices.com adtm.spreadshirts.net *.spreadshirt.com.au ; img-src 'self' data: https: image.spreadshirtmedia.net image.spreadshirtmedia.net *.gstatic.com rtb-csync.smartadserver.com pixel.rubiconproject.com pixel.advertising.com dsum-sec.casalemedia.com cotads.adscale.de www.google-analytics.com eu-u.openx.net ih.adscale.de *.akstat.io www.facebook.com dsum-sec.casalemedia.com ad.yieldlab.net secure.adnxs.com mapping.nxtck.com stats.g.doubleclick.net www.google.com www.google.de cm.g.doubleclick.net ads.yahoo.com sync.ligadx.com eb2.3lift.com s.sspqns.com x.bidswitch.net image2.pubmatic.com sync.outbrain.com nxtck.com sanalytics.spreadshirt.com.au *.spreadshirt.com.au ; connect-src 'self' https: *.spreadshirt.net *.spreadshirt.com www.google-analytics.com www.google.com *.go-mpulse.net *.akstat.io/ *.spreadshirt.com.au ; font-src 'self' https: *.spreadshirt.com.au ; style-src 'self' data: 'unsafe-inline' https: *.spreadshirt.com.au ; object-src 'none' ; frame-src 'self' https: www.google.com accounts.google.com *.spreadshirt.com.au ; report-uri https://sprd.report-uri.com/r/t/csp/reportOnly ; 1
default-src 'self' 'unsafe-inline' *.arpansa.gov.au *.sunsmart.com.au uv-makeup.azurewebsites.net *.google.com *.googleapis.com *.gstatic.com *.google-analytics.com *.youtube.com *.twitter.com *.twimg.com *.doubleclick.net data:;; report-uri /admin/config/system/seckit/csp-report 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-QFyYy3TN7uAmVR9A8zTWCcpfkl8'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-SrSsVdK9NOEW0lGvvPyf7LfCEQI'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-TYBXNX3vyjD28brPslzlqgwh4s'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-rKITwtHXczWEBS0sUwOxyBF9zag'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-WxL9LMvw6ljruHmbkortZZQwd4'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-hShyPwDPnZ9dYZ38WzC2YqTEFaw'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-kZIBmp2DLhhUDpav2QvMRqjA8Y'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Qqmzpri5B181rAIi2YHP2jGM'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-r59j7hzNfVFh0KyTS0NVla51wI8'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-CEUohpA4Z1LZAwZz6TEhYMaAc4'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-vJY30L4bfCEKI6kKWa27MZhhM'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-z94J0wB2ONNjYyND3KU2cj3axbw'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-r826Ea8xcwIaITjLMqzI9N0Edfo'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-FNKzD4zrbPBPFzgJoYXEZRwF3s'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-2TORBc8PtOfX5YiwejVn0drVFyA'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-4cSuY7rtCXVnQj3N3t4pJQqDoY'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://localhost:8001 http://localhost:8001 https://cdn.jsdelivr.net https://*.google-analytics.com https://*.googleapis.com https://*.newrelic.com http://*.sumome.com/ sumo.b-cdn.net https://secure-ds.serving-sys.com https://bam.nr-data.net https://cdnjs.cloudflare.com/ajax/libs/fancybox/ https://code.jquery.com; style-src 'self' 'unsafe-inline' sumo.b-cdn.net https://cdn.jsdelivr.net https://use.fontawesome.com fonts.googleapis.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/; img-src * data:; report-uri https://cd36466f21f5db895967ac9cb87c0cb5.report-uri.com/r/d/csp/reportOnly 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-27aYHsv7OVxDcd65ePIG0mx1IrM'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src https:; connect-src https: wss:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-TS4NmB0mzLCnzeoXSXaM5F2UbP4'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-xDYAQavL9OWRxgpD7u3Fi3YJ4TI'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-ES2Op2F9uoU4hkKbSDAGhWGv2fg'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Uz37Pq0cdDrbx9Wsatq1Keafpg'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' http://scisportal.trinity-health.org http://scmweb:8080 https://*.service-now.com https://*.piedmonthospital.org:* https://*.mainspringhealth.com https://*.ghx.com https://psfinancials.cchmc.org https://inforlsfprod.providence.org https://s1.ariba.com https://*.ccf.org:* https://*.edirx.com; report-uri https://partssource.report-uri.com/r/d/csp/reportOnly 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-rLCJu1RufJYVH7eVRrDnKcpO7jU'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com/ https://www.google.com/ http://www.google-analytics.com http://dnn506yrbagrg.cloudfront.net http://fonts.googleapis.com/ https://fonts.googleapis.com/ https://fonts.googleapis.com/ http://www.googletagmanager.com/ https://www.googletagmanager.com/ http://siteimproveanalytics.com/ https://siteimproveanalytics.com/ https://fonts.gstatic.com/ http://fonts.gstatic.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com/ https://www.google.com/ http://www.google-analytics.com http://dnn506yrbagrg.cloudfront.net http://fonts.googleapis.com/ http://www.googletagmanager.com/ https://www.googletagmanager.com/ http://siteimproveanalytics.com/ https://siteimproveanalytics.com/; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com/; font-src 'self' http://fonts.googleapis.com/ https://fonts.googleapis.com/ http://fonts.gstatic.com/ https://fonts.gstatic.com/; object-src 'self'; frame-src 'self' https://www.google.com/ https://player.vimeo.com/; img-src * 'self' 'unsafe-inline' 'unsafe-eval' data: filesystem:; report-uri https://233122823c47f119af0143cbea7853d6.report-uri.com/r/d/csp/enforce 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-r1vp4WGhKqLkrJq0vREPUd1NtE'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-LtXdqsjC8F16FGLzcduIOjM9U1c'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-kSehcXJT8dI3ieSrtCbiE2QvU'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-cx8QAkdNZo47oAJLkEzxKHlA1k'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-wlfyeEyeUzUZuAWVxUsQWltX174'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-IHgjry3LH4rCZQMp4UG8QeWAVjk'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-nS6CXDWLBAE2mnd1teAJ8FtljOA'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:;style-src https: 'unsafe-inline';connect-src https:;frame-src https:;script-src 'unsafe-eval' 'unsafe-inline' https: blob: data:;font-src https: data:;img-src https: data:;media-src https: blob:; report-uri https://collector.schibsted.io/api/v1/csp/lister24/publishing/pro 1
style-src 'unsafe-inline' https://*.flickr.com https://s.yimg.com https://cdn.yahooapis.com https://yui-s.yahooapis.com https://de.adserver.yahoo.com https://fc.yahoo.com https://radar.cedexis.com https://*.braintreegateway.com https://*.sandbox.paypal.com https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com https://api.digitalriver.com https://cdn.siftscience.com https://*.flickrpro.com; default-src https://*.flickr.com https://*.staticflickr.com; img-src data: blob: https://*.flickr.com https://*.staticflickr.com https://ec.yimg.com https://s.yimg.com https://geo.yahoo.com https://de.adserver.yahoo.com https://sb.scorecardresearch.com https://image.maps.api.here.com http://*.static-alpha.flickr.com https://*.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com https://hexagon-analytics.com https://*.flickrpro.com; media-src https://*.flickr.com https://*.staticflickr.com https://s.yimg.com https://*.http.atlas.cdn.yimg.com http://*.static-alpha.flickr.com https://*.flickrpro.com; script-src 'unsafe-eval' 'unsafe-inline' 'nonce-4f067c656d29f3adfb115af2e22f1ae5' 'strict-dynamic' https://*.flickr.com https://s.yimg.com https://cdn.yahooapis.com https://yui-s.yahooapis.com https://de.adserver.yahoo.com https://fc.yahoo.com https://radar.cedexis.com https://*.braintreegateway.com https://*.sandbox.paypal.com https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com https://api.digitalriver.com https://cdn.siftscience.com https://*.flickrpro.com; connect-src https://*.flickr.com https://s.yimg.com https://geo.query.yahoo.com https://cdn.yahooapis.com https://yui-s.yahooapis.com https://api.flickr.com https://geo.yahoo.com https://*.braintreegateway.com https://*.sandbox.paypal.com https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com https://cdn.siftscience.com https://store.digitalriver.com https://*.flickrpro.com; frame-src https://y-flickr.yahoo.com https://*.flickr.com https://s.yimg.com https://de.adserver.yahoo.com https://*.braintreegateway.com https://*.sandbox.braintreegateway.com https://assets.braintreegateway.com/ https://*.paypal.com https://*.paypalobjects.com; child-src https://y-flickr.yahoo.com https://*.flickr.com https://s.yimg.com https://de.adserver.yahoo.com https://*.braintreegateway.com https://*.sandbox.braintreegateway.com https://assets.braintreegateway.com/ https://*.paypal.com https://*.paypalobjects.com; font-src https://s.yimg.com https://*.flickr.com data:; worker-src blob:; report-uri https://www.flickr.com/csp_report.gne?src=adsecflickrreport; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-FhKc3LC8KgzgrfONs3YwXrXtu7s'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' *.callbackhunter.com callbackhunter.com ws://callbackhunter.com wss://callbackhunter.com https://mc.yandex.ru https://fonts.gstatic.com https://*.doubleclick.net https://*.google.com https://*.google.ru *.facebook.com https://*.facebook.com https://ajax.googleapis.com *.youtube.com https://youtube.com; img-src 'self' data: *.callbackhunter.com callbackhunter.com vk.com https://vk.com t.co https://mc.yandex.ru *.google-analytics.com https://www.google-analytics.com https://analytics.twitter.com *.facebook.com https://*.facebook.com https://*.google.com https://*.google.ru https://*.doubleclick.net *.adroll.com https://*.adroll.com https://pixel.rubiconproject.com ads.yahoo.com *.bidswitch.net *.adnxs.com *.rlcdn.com *.openx.net; style-src 'self' 'unsafe-inline' *.callbackhunter.com callbackhunter.com *.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.callbackhunter.com callbackhunter.com *.vimeocdn.com vk.com mc.yandex.ru https://mc.yandex.ru *.googleadservices.com *.google-analytics.com https://www.google-analytics.com *.twitter.com https://*.twitter.com *.facebook.net https://connect.facebook.net *.adroll.com https://*.adroll.com https://ajax.googleapis.com *.oneretarget.com https://*.oneretarget.com; child-src 'self' *.callbackhunter.com callbackhunter.com *.vimeo.com *.youtube.com https://youtube.com *.youtube-nocookie.com https://youtube-nocookie.com googleads.g.doubleclick.net *.google.com *.google.ru; report-uri /csp/index 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-jxVoMnqoCS3qmAsKAYLr1vjZjiE'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' https:; child-src 'self' https: data:; connect-src 'self' https: wss:; font-src 'self' https: data:; img-src 'self' https: data:; media-src 'self' https: data:; object-src 'self' https:; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp-report?source%5Baction%5D=index&source%5Bapp%5D=Brochure&source%5Bcontroller%5D=home&source%5Bdomain%5D=www.shopify.com.co&source%5Bsection%5D=brochure&source%5Buuid%5D=dba70ab392bc863cfe23245d12ce214e 1
default-src 'self' ; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com https://cdn.optimizely.com https://static.ads-twitter.com www.google-analytics.com www.gstatic.com https://analytics.twitter.com https://ssl.google-analytics.com https://www.youtube.com https://www.google.com https://*.googleapis.com https://bat.bing.com use.typekit.net https://www.googleadservices.com https://www.googletagmanager.com https://www.gstatic.com https://connect.facebook.net https://platform.twitter.com https://rum-static.pingdom.net https://ajax.aspnetcdn.com https://s.ytimg.com; style-src 'self' data: 'unsafe-inline' *.googleapis.com use.typekit.net; img-src * data: ; font-src 'self' data: https://fonts.typekit.net fonts.gstatic.com https://use.typekit.net http://fontface.ninja; connect-src 'self' https://rum-collector-2.pingdom.net; child-src 'self' http://sdn.sitecore.net https://www.youtube.com https://www.google.com https://accounts.google.com https://www.googletagmanager.com; frame-src 'self' http://sdn.sitecore.net https://www.youtube.com; frame-ancestors 'self' ; report-uri https://3chillies.report-uri.io/r/default/csp/reportOnly; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-b1NRt7d5F0SpGo8TeyHOVbRXxc'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-QDrO9ZN1M6UeGJkoQqzanTQiw0'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-A7GkaZPh7XzerCpFZ19ifMOtNgQ'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' https: 'unsafe-inline' data: 'unsafe-eval'; report-uri https://servix.idnes.cz/log/csp-report.aspx?w=newspaper_PETPLUSDVA 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-FgFreeCIczfEgmWn4dgawlS5BSY'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self' ; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-D2AzeSd1cQcOszBMLpd49RIK7s'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-bxmLpdRo4GYwb4CMkLo1noMt2xk'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-issgGMdbztE6iWFhGOa3UDGH9Rw'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
report-uri /algemeen/report_CSP_error.php; frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; 1
default-src https:; script-src 'unsafe-eval' 'unsafe-inline' https:; style-src 'unsafe-inline' https:; img-src https: data:; font-src https: data:; connect-src  'unsafe-inline' https:  https://10.16.10.4 wss://10.16.10.4:7272  1
default-src *; img-src *; frame-src *; script-src * 'unsafe-inline'; style-src * 'unsafe-inline'; report-uri https://www.tyan.com 1
default-src 'none'; style-src 'unsafe-inline' *.hl-inside.ru platform.twitter.com ton.twimg.com; img-src data: *.hl-inside.ru pbs.twimg.com abs.twimg.com syndication.twitter.com platform.twitter.com ton.twimg.com mc.yandex.ru img.youtube.com site.yandex.net i.ytimg.com i1.ytimg.com www.google-analytics.com stats.g.doubleclick.net ssl.google-analytics.com vk.com steamcdn-a.akamaihd.net mc.webvisor.com mc.webvisor.org ymetrica.com mc.yandex.ua mc.yandex.ru ymetrica1.com googletagmanager.com; script-src 'nonce-pT9J9iBsz3i2qZAAHEHHyQ==' *.hl-inside.ru platform.twitter.com cdn.syndication.twimg.com mc.yandex.ru graph.facebook.com vk.com login.vk.com site.yandex.net c-cdn.coub.com yastatic.net sitesearch-suggest.yandex.ru www.google-analytics.com d31j93rd8oukbv.cloudfront.net mc.webvisor.com mc.webvisor.org cdn.jsdelivr.net; frame-src syndication.twitter.com platform.twitter.com store.steampowered.com w.soundcloud.com orphus.ru archive.org coub.com www.youtube.com vk.com docs.google.com gfycat.com; frame-ancestors 'self'; connect-src *.hl-inside.ru mc.yandex.ru mc.yandex.by passport.yandex.fr www.googleapis.com ssl.google-analytics.com mc.webvisor.com mc.webvisor.org ymetrica.com report.appmetrica.webvisor.com passport.yandex.ua lalablah.com syndication.twitter.com www.google-analytics.com; media-src *.hl-inside.ru; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-23rlAHofWINWPWUHCHQUAk3KVs'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-XoPDNTdm05RFNWabmo1onbT8Zc'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-OigNobELDe7TNpzFagTkRcQY'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-0TdLEjj1COoTlUZaIKqB01kTq6s'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-nTLtUvap5JXQHcfLV3HSqL5MdQ'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-y4etY3Sd2LDRn4VjVaX1oCycno'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-CiT6RzQIZaacGhzgeAfM18zOXo'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-WfneQk4USvxmDrZetbSQIsDQGZw'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-gqmsui4bquQeygnfNVauGe8A'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-tZpxEAWIqiNKjM7aF3r15bQi4D4'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-fBGCUxlBv1BGMZIiH8LQlbPOOIQ'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-xUaRo2LqiMH2Dpd4aZgxekaWr4g'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-PDLukWfkWAn8vIDzT500A1XDQVw'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-VD2tgF3n3FnD4cirSCA3uMeDSE'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-XzYKNFjhtAFPkxlRaqrjyWlQVY'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' https:; child-src 'self' https: data:; connect-src 'self' https: wss:; font-src 'self' https: data:; img-src 'self' https: data:; media-src 'self' https: data:; object-src 'self' https:; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; report-uri /csp-report?source%5Baction%5D=index&source%5Bapp%5D=Brochure&source%5Bcontroller%5D=home&source%5Bdomain%5D=www.shopify.hk&source%5Bsection%5D=brochure&source%5Buuid%5D=bba20b3d06ca6bccd0b95347aa94d178 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-T0WbpLdlqFEaG88Ynbx4DxnoGuM'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-CggXKLJWwjKdSHrjV45IxDKYGw'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https: wss:; report-uri https://ht.kiev.ua/csp-report/; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-sXDVELskucKqxXNc2kULVon6o1I'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-u5igGjTu5QBvarP5CdEdB8rcu0'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Nz7CFfgRTq9SRFAGuYUE7ywSoQ'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-hF6rAhSv1DifJEygSfHvLXW3EtI'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-BuVMpJv1Qsok9QG00UV57eGtYw'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-YWCiaShg3E7HeeuPIfEuV8MCAE'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-MEHOVIjzcukTzyVREVdnObXOss'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-394PlRPcEEMEocBZXRd14enDWE'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-dkjSFGfqlxJbVyQ9jbOCj8pC1yE'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src * data: about:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';  report-uri https://vweb4.summitmg.com/report.asp 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-DkurNGpVceDdf6wWkXYefSnXpA'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-1K9f408mNLb3lKLOXqFcEDQyEkM'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-y5hUQFPRXcfeE4AtJPSge4zruUo'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-U6IWTN1y6QbFdK01huGYahavCyc'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-GRynodZWtvEuhFrbbR1qilp3qZc'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self'; font-src 'self' code.ionicframework.com fonts.gstatic.com data:; frame-ancestors 'self'; frame-src 'self' *.facebook.com fast.wistia.net *.doubleclick.net *.facebook.net fast.wistia.com; img-src 'self' data: *.bing.com dev.visualwebsiteoptimizer.com *.doubleclick.net *.etax.com.au *.facebook.com *.googletagmanager.com *.google-analytics.com *.google.com *.google.com.au *.gstatic.com *.google.co.nz seal.digicert.com *.google.com.my *.google.co.jp *.google.com.ph fast.wistia.com embedwistia-a.akamaihd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.bing.com *.facebook.net dev.visualwebsiteoptimizer.com *.doubleclick.net seal.digicert.com *.etax.com.au *.google-analytics.com *.googleadservices.com *.googletagmanager.com fast.wistia.net fast.wistia.com; style-src 'self' 'unsafe-inline' code.ionicframework.com *.googleapis.com *.etax.com.au; connect-src 'self' *.doubleclick.net *.facebook.com *.wistia.com *.etax.com.au; form-action *.facebook.net; media-src 'self' blob:; report-uri https://etax.report-uri.com/r/d/csp/reportOnly 1
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com 'sha256-URqFTNitDSE01K1xklErUlKT93/P4FXStf52o8BhcLY=' 'unsafe-inline' 'sha256-MpazfMshcY6jCzxk0aJDh9l3iXoBw8r+eMO58JLTkRQ=' 'sha256-D9Mz5Ys1Opv52C2fjJU4eS9qDZpG9+Ywz5rQPUyxngQ='; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=true&req_uuid=5259cd2d-9636-4e1e-acb0-b564898c4b5d&version=34ffb8f2235021bdf63196a35d812040b87aaecd 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-4uXa1OZg35pzuZOa6yGvVDbCQw'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-2zvnd3WiBlPdIByzMVzXqD0L5es'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-hV9UCMifd41vRqvkE7Vqbj1Gw'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-6bi3TItpr04NepqzEim14IW7Ls'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-C2Yzh4NnLmF3YeoAe57xDPKq0'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-mrYr4wqOyYOMVZJlyqlpFtqU2Ac'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-h36Jy7FDt9nY5gLWQWo6fIY28M'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-F9PBjY4eUTDX3LTYCP4YYqwZE'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Z5WmRx3v9TWPCHxT8t2oPuvwtQs'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-yFKgS5Fe58lpWNYZyRwoq4rdTFk'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-C7oxs8j8YPw60LgZkuA5ZuUvFs'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://*.cp-static.com 'unsafe-inline' 'unsafe-eval' https://www.centralpoint.be https://www.centralpoint.nl https://selfservice.robinhq.com https://nl.startech.com https://android.googleapis.com https://maps.googleapis.com http://www.w3.org https://twitter.com https://platform.twitter.com https://www.google.com https://*.google-analytics.com http://s2.cdnplanet.com https://cts-secure.channelintelligence.com https://ezbuy.houston.hp.com http://h41213.www4.hp.com https://cisco-commerce.merrick.nl https://www.googleadservices.com https://www.googletagmanager.com https://c779844.ssl.cf2.rackcdn.com https://ajax.googleapis.com https://logo.cnetcontentsolutions.com https://seal.verisign.com https://dev.visualwebsiteoptimizer.com https://robincontentdesktop.blob.core.windows.net https://www.gstatic.com https://consent.cookiebot.com https://az416426.vo.msecnd.net https://platform.twitter.com https://static.criteo.net https://syndication.twitter.com https://sslwidget.criteo.com https://googleads.g.doubleclick.net https://ad.zanox.com https://cdnjs.cloudflare.com https://platform.linkedin.com https://*.youtube.com https://tagmanager.google.com; style-src 'self' https://*.cp-static.com 'unsafe-inline' 'unsafe-eval' https://www.centralpoint.be https://www.centralpoint.nl https://robincontentdesktop.blob.core.windows.net https://fonts.googleapis.com https://platform.twitter.com https://tagmanager.google.com https://fonts.googleapis.com; font-src 'self' https://*.cp-static.com data: https://www.centralpoint.be https://www.centralpoint.nl https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' https://*.cp-static.com 'unsafe-inline' 'unsafe-eval' data: https://www.centralpoint.be https://www.centralpoint.nl https://sgcdn.startech.com https://sec.admeta.com https://bs.serving-sys.com https://ad.doubleclick.net https://maps.googleapis.com https://googleads.g.doubleclick.net https://*.google.com https://stats.g.doubleclick.net https://dev.visualwebsiteoptimizer.com https://platform.twitter.com https://www.google-analytics.com https://www.google.com https://*.robincontentdesktop.blob.core.windows.net https://*.gethatch.com https://h41213.www4.hp.com https://ssl.google-analytics.com https://static.criteo.net https://syndication.twitter.com https://tbs.tradedoubler.com https://*.twitter.com https://*.googletagmanager.com https://*.gstatic.com https://ssl.gstatic.com; report-uri https://www.centralpoint.be/csp-report/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImtpZCI6M30.eyJleHAiOjE1NDQzMzUzNTgsImlhdCI6MTU0NDMzNTM0OCwibmJmIjoxNTQ0MzM1MzQ4fQ.rESVyOvck6gXsF3SNPw5BOFYyjUNkNQpCPlcG1Y7_uU 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-pIwvha4UPYon28PF5sJZ2raVOo4'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-waNtb41Q1YNpbOIEX6YxapjhBnA'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-YMtWIkfC5H6Ax0XnIgAyteak3g'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-v4UZErUHvVneL4H3TdOAqzYdO1o'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-DUz4t03o0CbmemubkYv0PYUgyg'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-uXdISLZBJUn5DDzyDIygsRqNeU'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-X5tE8gA0W4rY8faFyQC0aLMnF6I'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-S84GVAukxTNNolpX9S8KRSjOeCM'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Ct1bHvOemNbIlPTGueqFdW9TdI'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-hzp3NUQe682ZPNpXEgCIcgXPUVQ'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-TYCokxtiAEsxEpz3FyMfMBu2jE'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-tIEsVDOFu1BVLfCUv9eVZJfUgLk'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-wgWeKjgPSZJY4tU8c1RxfopUqZ0'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-jENGyFO6qgQJ0OB0YUpFPCEdY'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-xFneEfCJtwci9HXxGIhwJ0KgBc'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Dw35UxtL5uSfFicOd7FiUyPIikQ'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-bHw8bmLcN2xLWEVBqpdE3NG1M'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Aq90JsxpNsdmsL5P6deTAeplx8'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-adEAollSzLepZryxPGIAef7g'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-ppb8iUBKpsoSo9snZMO2iN1gD0'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-kPMWtbQ2RPZ2G7eCclRp1sMU'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-B9PBN5ezG7jrtBh5cGVZbsAlc'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-dd95AuXGzvyg5zCltI3x3RJu0l0'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-V6tS1tLZ7gNIYbj737PevlIrmPs'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-6LS5AmHoTEHE6UFbujgnv04EZM'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-02uXiEheqqYrn2JYVqxPLDBmsE'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-86VZYOZN3sAFiORrzVQHm9ziEg'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-rFWt94K5NTNckrk5intX0chE9w'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-qV7u9lhqWvgMjLg9RmWZFfDhk'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-SkcVtd0xcqSroloOcMCQykaxw4'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-WZwe9qEMj3WxYLq230OYF4qVnc'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-mOeKo6tGYYmJUEeSfPo41PAw2zA'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-222GzdigDA6t1m5WPCuPKv6walU'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-JtLmXElPcwE0bLI9XI2VQzIbZA'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-0PkEQFy9kvxsjI26jMYdSisK0'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-miiYnQlokRtHvZJLccghcf1FI'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self' www.oxemis.com oxemis.com ; script-src 'self' www.oxemis.com oxemis.com 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline' ; frame-src oxiforms.com www.oxiforms.com ; frame-ancestors 'self' ; base-uri 'none' ; report-uri ../csp-reports.php?d3d3Lm94ZW1pcy5jb20vZm9ybXVsYWlyZXMv ; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-boY1uTUIbge2CZlHCM8Y0uHhzA'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-vTguuUh4gWwxX1fKprKphY6qqLM'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-okNtfy10eeunMcBzrDOlQKLhI0'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Hy0fZz7QIp8entMIIDF0s3xc'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-cXxR23qTu3SltZ5XhTnFWiXiY3w'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-atC5G4tJlaeiHKv6gnZdil4E40'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-1I67MEoeqxbZw6dfEEPV6NDSxc'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-XgthQPPtODEokTDg6izYm9Jqf5M'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-6ulKlMfyd26lYEsz7x36k1r5kU'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-nZ4loQj0hqXhbJlYkrCG8eqQOU'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-FHyFgRTHo62tnilPNxIaBi248s'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-HmQ4ENomxVEsXXX7uLS0gpxolY'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src https: 'self'; child-src 'self' blob: player.vimeo.com www.youtube.com *.transloadit.com js.stripe.com yatapp.io; connect-src 'self' *.transloadit.com api.stripe.com www.google-analytics.com didacte-uploads.s3.amazonaws.com d1tja75zfw84oj.cloudfront.net maps.gstatic.com; font-src 'self' fonts.gstatic.com data: d20kve05iondkm.cloudfront.net; frame-src 'self' blob: player.vimeo.com www.youtube.com *.transloadit.com js.stripe.com yatapp.io; img-src 'self' data: app.getsentry.com www.google-analytics.com stats.g.doubleclick.net www.gravatar.com *.wp.com *.youtube.com *.vimeocdn.com transloadit.com d20kve05iondkm.cloudfront.net d1tja75zfw84oj.cloudfront.net didacte-uploads.s3.amazonaws.com *.googleapis.com maps.gstatic.com csi.gstatic.com www.facebook.com; media-src d1tja75zfw84oj.cloudfront.net didacte-uploads.s3.amazonaws.com; script-src 'self' d20kve05iondkm.cloudfront.net www.google-analytics.com www.youtube.com cdnjs.cloudflare.com *.transloadit.com *.ytimg.com js.stripe.com *.googleapis.com maps.gstatic.com connect.facebook.net 'nonce-kGlrVNlCPXFlCoMSgVFA3gu26Ket8J01EkEkZeToYFM='; style-src 'self' 'unsafe-inline' d20kve05iondkm.cloudfront.net assets.transloadit.com transloadit.com fonts.googleapis.com maps.gstatic.com; report-uri /errors/csp https://didacte.report-uri.io/r/default/csp/reportOnly 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-yRrQY2HETmwVhA09ctg0VuouVg'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Q1P6EBBJwbe6KqRmenl9pJJ4'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src https:; connect-src https:; font-src https: data:; child-src https:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; report-uri https://98dba6326789eae01552e92f7b3e68d5.report-uri.io/r/default/csp/reportOnly 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-4pyJN6Pafhqdje9OE9ulgZf1aw'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Al5Agi3f3trMDvoz6tlVSgwyiM'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-JEMwxNSYsDfP5TmxXOBKvagVmQ'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Feoaek9nteEljcqG4eR4qnO7o8s'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-KfHA2pxwsvV3Om5ehIiMr8nThmk'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-EeENwFoGt1WL0cKDWCNLrbAsJ5c'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-FVmHvEqx3ygdNb9R4iSQVP1LpFk'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-UAOlgiB6CxKyalmX7Znd7oKvB54'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-wC2L9308HDig8THfiTUceuyXWCY'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-GkVy39wUiPDP7ncASpDQhcOvR0'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.twojnzoz.pl az416426.vo.msecnd.net maps.google.com maps.googleapis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' data: maps.google.com maps.gstatic.com maps.googleapis.com csi.gstatic.com http://*.twojnzoz.pl; connect-src 'self' https://localhost:16501 ws://*.twojnzoz.pl https://dc.services.visualstudio.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.google.com/recaptcha/ ; report-uri https://mediporta.report-uri.io/r/default/csp/reportOnly; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-oQ501LxxAZSzThz19e0q9CTs'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'unsafe-inline' 'unsafe-eval' www.google-analytics.com ulogin.ru api-maps.yandex.ru cdn.jsdelivr.net *.maps.yandex.net *.vestum.ru; report-uri https://data.vestum.ru/csp/ 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-D7p7XtJsXbnmcxY07ze9tJfMxaM'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
img-src https: data: 'unsafe-inline' 'unsafe-eval'; default-src https: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.routefifty.com/api/report-csp-error/ 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-ntSBrQ17mzLLAeRtsGbf3NQ7zU'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-y87GFvXtR5mpouIMzpMH7Qrjrb0'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-CWLy5cWzgZ1xfPb545mdw889U'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-jhEhHdicM5toa7HDpKlDEEPp3hA'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-pHZbnEFDa2lDKdxWfhve36OXkns'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-yiMzaXbnItWXSdzkFERyfaiALY'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-glramT73qlM5DJvuIb2Bj4tgPoM'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src https://www.myprotein.ie https://m.myprotein.ie 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.myprotein.ie/cspReport.txt; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-hIGrzf90XnDLOP6XAk9FrsFbM'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com *.jivosite.com; frame-src 'self' https://www.google.com https://www.youtube.com www.google-analytics.com ajax.googleapis.com; style-src 'self' 'unsafe-inline' *.jivosite.com; img-src 'self' counter.yadro.ru *.jivosite.com *.amazonaws.com  https://yastatic.net data: *.gravatar.com; media-src *.jivosite.com; connect-src 'self' wss://*.jivosite.com; report-uri /csp-report.php 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Oven9Dm75GFkRgXOb7LhpXmTI'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-e3qwZFCUThXggAgNWYGAbcvzA'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://eufyvrmseexvefe2t11vv81d.httpschecker.net/report 1
default-src http: https: data: 'self' 'unsafe-inline' 'unsafe-eval' *.amazonaws.com *.adnxs.com *.hotjar.com *.adroll.com *.bing.com *.bidswitch.net *.yahoo.com *.facebook.com *.facebook.net *.google.com *.google.co.uk *.gstatic.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.googletagmanager.com maxcdn.bootstrapcdn.com ajax.aspnetcdn.com *.facebook.nen *.doubleclick.net *.openx.net *.rlcdn.com *.rfihub.com *.rfihub.net *.adncs.com; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-UUQIlL7frvnK1XQPggnqz4mnw04'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-oIWF1VEJD5Th0uy5dbucAcgtM'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-LMun69O6uDcDmL8MypBqvZT5mMo'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-F6uzZlobPkNUFNXu6vtxfFiEA'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-g234PE26QpJpX94E8qVq0QLm8oQ'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-395Fwco3inz0kD280FkSQJ6AE4s'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-dkdFl6g423e4R5ld4VftsvZIUI'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-gahyr9iGCULbD1duH4NgiHPnVyk'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' https: data: blob: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://www.eerstekamer.nl https://translate.googleapis.com https://ssl.p.jwpcdn.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.eerstekamer.nl; report-uri /cgi-bin/asnh.cgi/0000000/c/cspreport 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-wmfpG1G2SYwFxHDROcZNFd9C8'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self' syndication.twitter.com; script-src js.weinstrasse.com 'unsafe-inline' 'unsafe-eval' player.peer.tv stats.peer.biz platform.twitter.com apis.google.com; img-src 'self' data: images2.weinstrasse.com css.weinstrasse.com www.hotel-guide.it player.peer.tv stats.peer.biz carto.peer.biz www.gravatar.com syndication.twitter.com api.trustyou.com; style-src 'self' 'unsafe-inline' css.weinstrasse.com js.weinstrasse.com; font-src css.weinstrasse.com; frame-src 'self' player.peer.tv www.facebook.com platform.twitter.com apis.google.com accounts.google.com www.youtube.com; child-src 'self' player.peer.tv www.facebook.com platform.twitter.com apis.google.com accounts.google.com www.youtube.com; report-uri https://csp-report.peer.biz/reportOnly/index 1
default-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:;style-src https: 'unsafe-inline';connect-src https:;frame-src https:;script-src 'unsafe-eval' 'unsafe-inline' https: blob: data:;font-src https: data:;img-src https: data:;media-src https: blob:; report-uri https://collector.schibsted.io/api/v1/csp/vestnytt/publishing/pro 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-tt2DuEkpSTW6GiztEOKIqmGLTFQ'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-wLUyyM1LiICcTtQrJtEA3ocz9wA'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; form-action https:; report-uri https://openmikes.report-uri.com/r/d/csp/reportOnly 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-LQRm7qR5bp4M2Z36hZqtBiVcY'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-BSyaBpx0hbHUkcPxfgAoyYI4'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-CNFY4fMLvvu0ziv10yiYHQYMjE'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Z5Z2yInSzZROCV7pzcCOiuETltk'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-HekMUcJNiFRaeu2XTBhxgtGhwo'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-3K7XTBdyHCnKrRwrTIxUL4s5mw'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-CPKkDNh50gw5khFjfi8jzZZts'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-WT3H1oFcwpLs8fRb6sO9RO79ys'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-7taonkqBm7Lvq23IabAHJnKjOE'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-yq0mnb5AoNEbu6WQl1WzUK4y80'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Ga4O32X2SHHahaR4nbU0t9ACk0'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-M7pIhGYqujelqj6660WRqF6UREc'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-p8yVCfMwcGJxr8POSdztvRtHVA'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-sESJPqyauv6vqKcuA398fILfWM'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-IE4iV6wwHZWBmCFhgvY5WJ8ZHg'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-fop8JCMabPVv5jAaKueqG1O27k'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-BiZ0rb27c2jUDCXt9QTlOM2prFk'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:; worker-src https: data: blob:; font-src https: data:; report-uri https://psi.pixum.com/?ns=content-security-policy&service=base&module=status&action=log&sessionId=e295e6a905df76eefe3980132187f04ea7244f87 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-rHhmpREU2IKN5cCCGQsfK93E3gQ'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-qiGva0U7bMtoI9BLLQebMJI0ROc'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: ymadam.net *.yandex.ru https://yandex.ru https://docdoc.ru https://cdn.docdoc.ru https://w.docdoc.ru https://adservice.google.md http://docdoc.ru https://*.yandex.ru *.yandex.net https://*.yandex.net yandex.st *.yandex.st https://yandex.st https://*.yandex.st https://*.yandex.ua yastatic.net https://yastatic.net yandexadexchange.net *.yandexadexchange.net *.google.com https://*.google.ru https://*.google.com https://*.google.com.ua https://*.google.kz https://*.google.az *.liveinternet.ru *.google-analytics.com https://*.google-analytics.com *.gstatic.com https://*.gstatic.com *.googleapis.com https://*.googleapis.com *.googlesyndication.com googlesyndication.com https://*.googlesyndication.com *.doubleclick.net https://*.doubleclick.net *.googlezip.net *.yadro.ru https://*.yadro.ru *.youtube.com https://*.youtube.com http://*.mail.ru http://img.imgsmail.ru http://*.cloudflare.com http://r.mradx.net http://*.adriver.ru http://*.adfox.ru *.facebook.net vk.com *.vk.com https://vk.com http://*.buzzoola.com https://*.buzzoola.com http://*.weborama.fr http://*.facetz.net http://*.exe.bid http://*.tns-counter.ru mc.yandex.kz *.luxupcdnc.com mc.yandex.by *.yandex.net googletagservices.com *.yahoo.com goo.gl google-analytics.com; report-uri https://ymadam.net/csp-manager/tracker.php 1
default-src 'self' *.vic.gov.au; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.hotjar.com https://*.hotjar.com http://*.monsido.com https://*.monsido.com http://*.google-analytics.com https://*.google-analytics.com http://*.google.com https://*.google.com http://*.cloudflare.com https://*.cloudflare.com http://stats.g.doubleclick.net https://stats.g.doubleclick.net http://*.cloudfront.net https://*.cloudfront.net http://*.vic.gov.au https://*.vic.gov.au https://cdn.jsdelivr.net http://cdn.jsdelivr.net https://cdn.rawgit.com http://cdn.rawgit.com; style-src 'self' 'unsafe-inline' *.hotjar.com:* *.monsido.com *.cloudflare.com *.cloudfront.net *.vic.gov.au; img-src 'self' 'unsafe-inline' http://*.hotjar.com:* https://*.hotjar.com:* http://*.monsido.com https://*.monsido.com http://*.cloudflare.com https://*.cloudflare.com http://*.cloudfront.net https://*.cloudfront.net http://*.google-analytics.com https://*.google-analytics.com http://stats.g.doubleclick.net https://stats.g.doubleclick.net http://*.vic.gov.au https://*.vic.gov.au data: https://raw.githubusercontent.com http://raw.githubusercontent.com https://cdn.rawgit.com http://cdn.rawgit.com https://caretaker-vic-gov.s3-ap-southeast-2.amazonaws.com; frame-src 'self' 'unsafe-inline' https://*.infogram.com:* http://*.infogram.com:* http://*.google.com https://*.google.com http://*.vic.gov.au https://*.vic.gov.au http://*.youtube.com https://*.youtube.com http://*.vimeo.com https://*.vimeo.com http://*.hotjar.com:* https://*.hotjar.com:*; font-src 'self' *.vic.gov.au http://*.hotjar.com https://*.hotjar.com fonts.google.com data:;; connect-src 'self' http://*.hotjar.com:* https://*.hotjar.com:* http://*.monsido.com https://*.monsido.com http://*.google-analytics.com https://*.google-analytics.com http://stats.g.doubleclick.net https://stats.g.doubleclick.net http://*.vic.gov.au https://*.vic.gov.au wss://ws5.hotjar.com/api/v1/client/ws https://drwgdblqzrfiz.cloudfront.net; report-uri /report-csp-violation 1
default-src 'self'; connect-src 'self' https://wp-static.assets.sh https://www.google-analytics.com https://performance.typekit.net https://*.mapbox.com https://notify.bugsnag.com https://sessions.bugsnag.com; font-src 'self' https://wp-static.assets.sh https://fonts.gstatic.com https://use.typekit.net; frame-src 'self' https://www.googletagmanager.com https://www.youtube.com; img-src 'self' https://wp.assets.sh https://wp-assets-sh.imgix.net https://wp-static.assets.sh https://stats.g.doubleclick.net https://www.google-analytics.com https://www.google.be https://www.google.com https://p.typekit.net blob: data:; manifest-src 'self' https://wp-static.assets.sh; media-src 'self' https://wp.assets.sh https://wp-assets-sh.imgix.net https://wp-static.assets.sh; script-src 'self' 'unsafe-inline' https://cdn.polyfill.io https://cdn.rawgit.com https://wp-static.assets.sh https://www.googletagmanager.com https://www.google-analytics.com https://use.typekit.net https://api.mapbox.com https://stats.g.doubleclick.net https://c52.livecom.net; style-src 'self' 'unsafe-inline' https://wp-static.assets.sh https://fonts.googleapis.com https://api.mapbox.com https://c52.livecom.net; worker-src 'self' https://wp-static.assets.sh blob:; frame-ancestors 'none'; form-action 'self'; report-uri https://mrhenry.report-uri.com/r/d/csp/reportOnly 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-whogu48qPx21CXjvodaRFhomjg'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-ISD90gdt9NdbhPE5iiYg727Q4'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src https: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-vxJ9sYyN8lhQHGijcmIfHKoM3J4'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src geoip-db.com; script-src 'self' https://www.sopranodesign.com 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-V7NqV6hGjuJUqVyNrUXMoiQqas'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self' https://fonts.gstatic.com/ https://themes.googleusercontent.com/ ;script-src 'self' 'unsafe-inline' https://www.google.com/ https://ap.mepin.com/ https://www.gstatic.com/recaptcha/ https://maps.google.com/ https://maps.googleapis.com/ https://secure.livechatinc.com/ https://coinroom.com/cdn-cgi/scripts/ https://coinroom.com/ 'nonce-9b182612578344bab103' 'strict-dynamic' ;img-src 'self' https://cryptonews.pl/wp-content/ https://maps.gstatic.com/ https://maps.google.com/ https://www.google-analytics.com/ https://secure.livechatinc.com/ https://stats.g.doubleclick.net/ https://www.google.pl/ https://www.google.com/ *.googleapis.com *.ggpht.com data: ;frame-src 'self' https://www.google.com/ https://ap.mepin.com/ https://secure.livechatinc.com/ ;object-src 'none' ;connect-src 'self' * ;font-src 'self' https://cdn.livechatinc.com/ https://themes.googleusercontent.com/ https://fonts.gstatic.com/ ;style-src 'self' 'unsafe-inline' https://ap.mepin.com https://fonts.googleapis.com/ ; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-pBZt4bEX0UgR0jEf7UxFb99YIs4'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-zdzcMo5owvRtCsYrh4CJuK1cHo'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-ORyT8dJgtHc6UWdTlAPRU8cmoM'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-goX4qGdNDuBrC3I2lNn6uRS2EhI'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-aSBdQWTWthMLX5mmli1y3XMBU'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-pwU2RUpftYXbz5rNUiMKqaxuIzE'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-q72p56KL2AkGhCyW5XJnnFcLE'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-O0lYYvlRi7UMSczfdCjucKwK55k'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-jxpwgrIuG03A8NsbS6uUCI3yA'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-UNmXOb896zxwcGUQ2ZvPB9xoo'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-6EE6O28DiodMPOcuLl11ANw1hw'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-q4BW5S7Xpt2KivyanvLAMWEEkY'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-4tO95LgmMXoWrejCj0ZHgQTRMLw'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-2fLSEBoldpV0kUdA2ebjwcWlU'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-IVNny4CBY07KviebfFr2rw5w7o'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-qs5JusjAKrVeTDVVeBnYZ1gGc'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-7K1fndIVeVTBTaJm3mYIN8LmeHM'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-aPYceDMtZBvJqgGRLPTiBd25FCk'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-2HvFXGQu0bLOoy0Bal7dptIAL5c'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-y3mPI1yC4qceDzsDalcOs0sIPMA'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-6bYJTyhhAW3O8Vc0rIUcWqic8'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-lshLQXRstC3T6KOyDhf6YLfZut0'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-cM9SZKm5DrMS7HV2cAz40NIABxo'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-dascM5XlwQYj5BIc77VBh7TAvM'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-LVPegChyg4i1zUdDldCYCC4OHA'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-oZtw8yL91sMLEucWYgTj10LXcI'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-MiZcIkkfK7vFv8GmvjufNcjx9mc'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-PNwMSi1YOPawnOnXDMKjCxlE'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-I1dhE28wlyCumbErXwDlqw2deio'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-uoTNcDrqBQDK6Mv0nzwroBJ6lTI'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self' syndication.twitter.com; script-src js.suedtirolerland.it 'unsafe-inline' 'unsafe-eval' player.peer.tv stats.peer.biz platform.twitter.com apis.google.com; img-src 'self' data: images2.suedtirolerland.it css.suedtirolerland.it www.hotel-guide.it player.peer.tv stats.peer.biz carto.peer.biz www.gravatar.com syndication.twitter.com api.trustyou.com; style-src 'self' 'unsafe-inline' css.suedtirolerland.it js.suedtirolerland.it; font-src css.suedtirolerland.it; frame-src 'self' player.peer.tv www.facebook.com platform.twitter.com apis.google.com accounts.google.com www.youtube.com; child-src 'self' player.peer.tv www.facebook.com platform.twitter.com apis.google.com accounts.google.com www.youtube.com; report-uri https://csp-report.peer.biz/reportOnly/index 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-SmuJrcgP0zCVKbhKsJxl5iqCjI'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-uzlIrfirqkr1rr5KsmUhHPFuS9o'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-188GKcSN5yFYio6qa5HiPvyigo'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-vKiu30GV3tonmAz0J7FbhuJo8I'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src * data: blob:;script-src *.workplace.com workplace.com *.fbcdn.net data: blob: 'unsafe-inline' 'unsafe-eval';style-src data: blob: 'unsafe-inline' *;connect-src *.workplace.com workplace.com wss://*.workplace.com:* *.fbcdn.net blob: *.mktoresp.com;report-uri https://www.workplace.com/csp.php 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-YfDFuCExQ0owv9wkHaURGUN0'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-qEpKxTP4NQgcCzhin3lLn6KVFE'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-E1Jkth7GSXlJ0fXWkXkwsZphXo'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-amkSHrdDPHR2dHiSr4iNbSFKixs'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-bhq0ghmeXF4RdnGKbV15vP3hzI'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-p6S4hL5dOoz6yxrQqPGp3RglnI'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Nr6vNbDR6L8axgkwMabECnFu8'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-ZalzXWxOZ2ECFR6OyLFXmKmU'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src gsa: *.code-it.jetzt/* *.youtube.com/* 'unsafe-inline' 'unsafe-eval' 'self'; 	script-src data: 'unsafe-eval' 'unsafe-inline' https://connect.facebook.net/en_US/fbds.js https://ssl.google-analytics.com/ga.js cooperative-education.html 'self'; 	style-src https: 'unsafe-inline' 'self'; 	img-src https: data: *.adobe.com *.google-analytics.com *.facebook.com 'self'; 	font-src https: data: 'self'; 	frame-src https: https://www.youtube.com *.youtube.com 'self'; 	child-src gsa: https://www.vwfsag-karriere.de *.youtube.com/* 'self'; 	object-src 'self'; 	report-uri https://www.vwfsag-karriere.de/report-uri/report-csp.php; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-7Ps48je3Xoa9ykQZE2DaCRDS4'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
frame-ancestors https://www.ooegkk.at http://www.sozialversicherung.at https://www.sozialversicherung.gv.at; frame-src https://www.ooegkk.at http://www.sozialversicherung.at https://www.sozialversicherung.gv.at https://sso.sozialversicherung.at; report-uri https://www.sozialversicherung.at/cds_csp/ 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-toKg2NWbrU7siQrbgBikGAdGxc'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Cz7zwmd2Jb3EDSvsAjuMts3yUA'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-3Fj3Y3ENFNNai3B7JcieMTcLnw'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Fxs68KVMlxfVv3x9bwdEvpL4gIQ'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-iQNPtKeXpY2Me4Kz0bVUKUkt4v0'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-6I6VQw8ShLJLWFmdHCbzkMzbgI'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-PXIoS6cpb9JpKLl1mRXbE3N7bx0'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-r7NDlYenSEgrbFbYVa59ZfvFxE'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-6pWiR3aOYJQDF09Ox3fsBTMMcCk'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-kL8p7EHUcZMNgasrBfDmS9detU'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Xudp1JllgILibkMJqd59j2p0CGU'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
frame-ancestors https://www.svagw.at http://www.sozialversicherung.at https://www.sozialversicherung.gv.at; frame-src https://www.svagw.at http://www.sozialversicherung.at https://www.sozialversicherung.gv.at https://sso.sozialversicherung.at; report-uri https://www.sozialversicherung.at/cds_csp/ 1
default-src https: blob: wss://*.zopim.com 'unsafe-inline' 'unsafe-eval' wss://*.flightcentre.co.nz:*; frame-ancestors *.calypso.net.au *.flightcentre.co.nz; report-uri /api/csp_report; img-src https: blob: data:; font-src https: blob: data:; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-k81XMr4VvCXnmNOGUfQxBSu6wOM'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src https:; frame-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report.php 1
default-src 'self' 'unsafe-inline' https://flaglerclerk.com https://cdn.flaglerclerk.com https://*.wp.com https://www.google.com https://cdn.onesignal.com https://onesignal.com https://www.google-analytics.com https://fonts.googleapis.com https://*.gstatic.com https://*.mare.io https://mare.io; style-src 'self' 'unsafe-inline' https://flaglerclerk.com https://cdn.flaglerclerk.com https://fonts.googleapis.com https://fonts.gstatic.com https://cdn.onesignal.com; object-src 'none'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; referrer origin; report-uri https://flaglerclerk.report-uri.io/r/default/csp/reportOnly; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-FMxTU5n379oaJ5Lx4LixzG0SA'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-auKShe2Hps1O2bW4OQVPEWT9QTU'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-XQ9770BagH6rgwqrPbTByiDBs1k'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-2Pu4uFe2JRyZMJqvz0lQhIkBVw'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-jENhF4xs4yUSiQgiWGnjGnxqmU'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-eepv8IQBdMU70Tj4iQcEgaAIJ4'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-inTYFKUj7hjIxs2aSGTu2N6M3I'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-UTKwx9jRX49x945fKObAUcvRsI'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Fbwqw70KtCKv1yugjxrPIExoaaA'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-yiVDbCqmBter4hIe8c3axFTsPWI'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-4MoEhzT1FMScT4nsgiqWpq70c'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-I3HoBYdmZYCiL3tLVeQWx2TRPaM'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Zm2198OOCiM9NveC8MdezBaCj0'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-dxOCqy3EH5qI3yd46zPq2pY1Qw'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-tokXNiRUmQd79mDZiij61Y59ZU'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-rq82qjKmDpumTlyvcaMz78MLQ'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-7awiiEpd7KVOheIv6HUGWIEIrs'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' https: 'unsafe-inline' data: 'unsafe-eval'; report-uri https://servix.idnes.cz/log/csp-report.aspx?w=vitalion 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-b3VUPajshn6U0f46zM1MovFg2YU'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src data: 'unsafe-inline' 'unsafe-eval' https: blob: http://*.files.wordpress.com wss://spy.com; report-uri https://pmcuri.report-uri.com/r/d/csp/reportOnly 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-ZccpbfaFTbqeXGd67g2bK2us'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Qyp04cxUpsodcg1BiDR4sYKA3Y'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-VsOlJFfdiuUv4F1rzYFptmsXTEM'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-tdXts1JLKqSXZ6yi0tXoSYslI2Y'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-epw1x4QNthu6re1cvaA72ioWc'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-aWaroVztmTNk1ZNIqlRCJOPhRQ'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-8bXfYDNxYFf7h9nl7kQdMCu8F4'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-fUVoewjJOD8aADLCxJVBxF2gM'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-WePkm2UpPLaRt56kxdPImCwYU'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-BSRLcTciwkLf1JEgCJBWQbveQeY'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'none'; connect-src 'self' www.google.com https://cdncache-a.akamaihd.net wss wss://generatorhostels.com ws1.hotjar.com ws2.hotjar.com ws3.hotjar.com ws4.hotjar.com ws5.hotjar.com graylog.hotjar.com cdnjs.cloudflare.com ajax.googleapis.com www.google-analytics.com stats.g.doubleclick.net wss://ws2.hotjar.com wss://ws3.hotjar.com wss://ws4.hotjar.com insights.hotjar.com generatorweb.sihot.com; font-src data null generatorweb.sihot.com maxcdn.bootstrapcdn.com fonts.gstatic.com 'self'; manifest-src 'self' generatorhostels.com; object-src 'self' generatorhostels.com; frame-src 'self' service.securesrv12.com secure.liveshoppersmac.com 3dsecure.klikbca.com geschuetzteinkaufen.commerzbank.de acs.sia.eu vcas1.visa.com www.securesuite.net acs1.edb.com secure5.arcot.com aacsw.3ds.verifiedbyvisa.com tpc.googlesyndication.com sas.redsys.es cdncache-a.akamaihd.net mastercardsecurecode.secureacs.com acs1.swedbank.se analytics-google.net https://acs2-3dsecure.cic.fr https://braip.com.br www.securesuite.co.uk secure.edb.com tsys.arcot.com secure7.arcot.com www.googletagmanager.com mozbar.moz.com www.facebook.com acs.airplus.com connect.facebook.net saferpay.com www.saferpay.com generatorweb.sihot.com generatorhostels.com bid.g.doubleclick.net staticxx.facebook.com vars.hotjar.com www.google.com www.instagram.com www.youtube.com w.soundcloud.com; img-src googleads.g.doubleclick.net butstrap.space https://spedcheck.space www.gstatic.com www.google.ge www.google.pl www.google.ru www.google.cm www.google.com.eg www.google.co.kr www.google.com.np www.google.co.th www.google.dz www.google.no www.google.com.hk www.google.com.mm www.google.co.il www.google.az www.google.sk www.google.ie www.google.com.pe lh3.ggpht.com www.google.de www.google.cz www.google.co.za www.google.se www.google.dk www.google.gr www.google.lv www.google.com.tw https://gateway.zscalertwo.net www.google.com.ph www.google.com.uy www.google.fi www.google.com.ua www.google.com.cy www.google.com.jm www.google.im www.google.co.ve www.google.com.sg www.google.ca www.google.es www.google.kg www.google.be www.google.at www.google.pt www.google.fr www.google.it www.google.com.br www.google.com.ar https://gallery.mailchimp.com www.google.ch www.google.me www.google.com.ec www.google.ro www.google.kg www.google.nl www.google.com.mx https://canvaspl-a.akamaihd.net https://cdnstats-a.akamaihd.net www.google.com.lb www.google.com.co www.google.com.tr www.google.cl www.google.dk www.google.co.in www.google.hr www.gstatic.com generatorweb.sihot.com generatorstorage.blob.core.windows.net generatorhostels.com cbks0.googleapis.com csi.gstatic.com data: geo0.ggpht.com geo1.ggpht.com geo2.ggpht.com geo3.ggpht.com img.youtube.com khms0.googleapis.com khms1.googleapis.com maps.googleapis.com maps.gstatic.com 'self' generator.azureedge.net ssl.google-analytics.com stats.g.doubleclick.net web.facebook.com www.facebook.com www.google.co.uk www.google.com www.google-analytics.com ajax.googleapis.com; media-src 'self' data:; script-src 'self' data blob about asset tpc.googlesyndication.com fdz.octapi.net data1.iti-maps.fr data1.itineraire.info asset about spedcheck.space rules.similardeals.net tags.clickintext.net lb.apicit.net butstrap.space https://cdncache-a.akamaihd.net secure.liveshoppersmac.com generatorweb.sihot.com maxcdn.bootstrapcdn.com ajax.googleapis.com api.instagram.com connect.facebook.net eval: googleads.g.doubleclick.net inline: maps.googleapis.com platform.instagram.com s.ytimg.com script.hotjar.com 'self' ssl.google-analytics.com static.hotjar.com 'unsafe-eval' 'unsafe-inline' www.googleadservices.com www.google-analytics.com www.googletagmanager.com www.instagram.com www.youtube.com; style-src ajax.googleapis.com fonts.googleapis.com inline: 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com generatorweb.sihot.com; report-uri https://crafted.report-uri.com/r/d/csp/reportOnly 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-BcAuTxHxLvFJfHwwFYP8K3lJHww'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-KkULOHbHkAatn8JNADeHIHIDONE'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-0NQ18AceWNU8MFKNxR4FOch2DA'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-xo7uywnBshQiKLDGnw8dYmSHwkc'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-VCqefMHPAGpJdjLT1GVRFRnrvA'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-AtvbfW77TGN2g7IMQ1ugtB296s'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Ecgz4zu0rZRrVArzcfb9rYgN8Gc'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-O3nVINpXfQk4V7NZ6KROw0jEdE'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Msy9uWcMuaohruNWjsueHWD9hY0'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-SCVaOViCjjbQTvL7vMZz4kbgMwU'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-bP6b7EcNYBHA0QWo7PTK8XVZv1c'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-4XEY1KJNJza0EEZoQS5FdhXt9w'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Vk4KbDfOlZROCKENW0FfXEJTKaY'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-H5Fh0uDd1qxxNla8PbgkUdx63g'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-XSfwRksYRUEI9lzlyujgtgO952A'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-OaMYqxUkFhu7lprTfKhlsZGOJkA'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-SHYARHSQlmy0eJ2hUoQFhFIAiuM'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-fDzExr662HDRmc6cDzjdGTaPpo'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-aikWz6nzKqo7jo2HdUO3Xyttitw'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-HvA190X06BrfpJEPiz24eKbIg'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-V7Dz6KZeIUpSieelKPfq9zPlY'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-FEgxtWbTGyVX3y0DGYx09qeUMJA'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' api.balena-cloud.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1l6p2sc9645hc.cloudfront.net/tracker.js *.gstatic.com *.googleapis.com *.google.com *.google-analytics.com cdn.mxpnl.com js.intercomcdn.com widget.intercom.io cdn.statuspage.io/se-v2.js js.recurly.com; connect-src 'self' api.balena-cloud.com img.balena-cloud.com actions.balena-devices.com terminal.balena-devices.com wss://terminal.balena-devices.com *.sentry.io app.getsentry.com api.github.com api.mixpanel.com api.recurly.com www.google-analytics.com *.pubnub.com *.pndsn.com *.intercom.io wss://*.intercom.io *.statuspage.io *.algolia.net; frame-src api.recurly.com; style-src 'self' 'unsafe-inline' *.google.com *.googleapis.com; img-src 'self' data: *.gstatic.com *.googleapis.com *.google-analytics.com *.intercomcdn.com *.intercomassets.com stats.g.doubleclick.net *.gravatar.com; media-src *.intercomcdn.com; font-src 'self' data: fonts.gstatic.com js.intercomcdn.com; report-uri https://api.balena-cloud.com/csp-report 1
block-all-mixed-content 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-nGOofXHHBTI9Cofv4N6yq7PWiU'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-BWcuswg5nkSq0Z52avWd4wuoO6g'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-zfGgnl3Tjoi116GpbMf0Rbszq2c'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' data: 'unsafe-inline' a.bongo4u.com; script-src 'self' data: 'unsafe-inline' a.bongo4u.com blob: 'unsafe-eval' *.google.com *.gstatic.com www.google-analytics.com ajax.googleapis.com *.googleusercontent.com *.googleadservices.com *.facebook.net *.twitter.com *.twimg.com *.youtube.com *.ytimg.com *.yahooapis.com *.mailchimp.com *.list-manage.com *.amazonaws.com/downloads.mailchimp.com/ cdnjs.cloudflare.com *.jquery.com; connect-src 'self' data: 'unsafe-inline' a.bongo4u.com comments.emerge2.com util.emerge2.com www.google-analytics.com *.doubleclick.net; frame-src 'self' data: 'unsafe-inline' a.bongo4u.com *.google.com *.google.ca *.youtube.com *.youtu.be *.facebook.com *.twitter.com *.twimg.com *.instagram.com *.yahoo.com *.catalog-display.com *.shortstack.com *.pgtb.me *.formstack.com *.list-manage.com *.doubleclick.net *.orgill.com *.orgill.ca *.ecomadviewer.com *.castlecommunications.ca *.chameleonpower.com *.timbertech.com; object-src 'self' data: 'unsafe-inline' a.bongo4u.com  blob: *.apple.com *.macromedia.com; img-src https: data: blob:; media-src https:; style-src 'self' data: 'unsafe-inline' a.bongo4u.com *.google.com fonts.googleapis.com *.googleusercontent.com *.bootstrapcdn.com *.twitter.com *.twimg.com *.mailchimp.com; font-src 'self' data: 'unsafe-inline' a.bongo4u.com fonts.googleapis.com fonts.gstatic.com *.bootstrapcdn.com *.joinhoney.com/fonts/; report-uri https://util.emerge2.com/report_uri_api.php; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Mq4cSukg6Z6LdEt731axjc6ILg'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; connect-src https: wss:;  style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-MVD0Dz0mOBJefQvn2Zd7oi3JQ'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-S8YlKH2KBHqiXSi53dgIoJ6U0Bk'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-7ofOcyUeG8twc3NAIdZbBBEJJ0'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-CN1lQtQdBMMG5fDbNgwTYBA1sQ'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-iy0F7wO1aWFhmuUD35uX19Jj3UU'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-OrfxpiJxpmBnnCz4HfUJpjHOhLY'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-GWYuW5qUsIysBoxAEWt22MWVKeY'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-VFtXrxPwY9ub4gETTlaw3qiL4s'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-wYX0vpoBFUZi84OPm22uKiLj6g'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-P0fOvjPmgs3lVsRuGXw78hKc2rQ'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-PnUw4EH0hlVUDqgJsPkFgEDaFpk'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-36fzqIQqwkW8rCFme2mvv129fM'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-1t5tRHelapcFkoJTWtYltBZMDA'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-P0F0x0KvWV1HQrjglrTZhpY4A8Q'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-wzBAw6jOIihZzjKE9vujf1NmY'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-XvJnskz8UhEr6YkElT6mb1UfK3w'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-FaLcuXTr6Oz4t8o6xqOMS8JTqo'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-R0u5X8ie2zzbXbg908epLBPBYCE'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-ph6yvh4tHFGxPlgrE6JEhGH5jpA'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-U9VrN71h1SpY2bPj7dW2qWfAfg'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-EUa0G4orvbDWECuITY7b71HJCw'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-SqwjYQLZ1fzKq7TCUz79vfk97cQ'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-d1vsUYgWOgzopwSX4u1IKf5lNNk'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src https://www.lookfantastic.de https://m.lookfantastic.de 'unsafe-inline' 'unsafe-eval' data: https://s1.thcdn.com https://s2.thcdn.com https://s3.thcdn.com https://s4.thcdn.com https://tagging.thehut.net https://tag.hut.withcubed.com https://userexperience.thehut.net https://prf.audiencemanager.de https://bat.bing.com https://p.cpx.to https://sslwidget.criteo.com https://static.criteo.net https://widget.us.criteo.com https://widget.eu.criteo.com https://widget.as.criteo.com https://static.doubleclick.net https://www.dwin1.com https://connect.facebook.net https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagservices.com https://www.gstatic.com https://static.hotjar.com https://script.hotjar.com https://*.lpsnmedia.net https://rum-static.pingdom.net https://cdn.trackjs.com https://*.tvsquared.com https://analytics.twitter.com https://platform.twitter.com https://static.ads-twitter.com https://fp.zenaps.com https://seal.digicert.com https://*.liveperson.net https://server.lon.liveperson.net https://lo.v.liveperson.net https://s.pinimg.com https://load.sumome.com https://*.kxcdn.com https://*.trustpilot.com https://www.youtube.com https://s.ytimg.com https://cdn.appdynamics.com https://googleads.g.doubleclick.net/ https://www.google.co.uk/ https://widget.trustpilot.com/; report-uri https://www.lookfantastic.de/cspReport.txt; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Lj4G1J2krWYJZZ9Oe7gHG5HWsg8'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-3MakJMj4iEw9AceNMzrbyGs'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-sFGQSoR6UjtX3WBOBFOUjlJRsQ'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-YJ6ah3kpxdZgPwOiVcAjx3I5hc'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-mKFBsByeCTREvsyX9YlNuZW4fc'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-qnp5tN16CQhP2oYjwKzSD8z5JY'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-uvvpA0NYripXSjgrxSyhQRNCZ4o'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-0gbIfm9vDaUzgk6zy79PBwwjpi4'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-vKiez1mCPCeUi4qnMVQtAvktaA'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: dolgojit.net *.yandex.ru https://yandex.ru *.docdoc.ru docdoc.ru https://docdoc.ru https://cdn.docdoc.ru https://w.docdoc.ru https://adservice.google.md http://docdoc.ru https://*.yandex.ru *.yandex.net https://*.yandex.net yandex.st *.yandex.st https://yandex.st https://*.yandex.st https://*.yandex.ua yastatic.net https://yastatic.net yandexadexchange.net *.yandexadexchange.net *.google.com https://*.google.ru https://*.google.com https://*.google.com.ua https://*.google.kz https://*.google.az *.liveinternet.ru *.google-analytics.com https://*.google-analytics.com *.gstatic.com https://*.gstatic.com *.googleapis.com https://*.googleapis.com *.googlesyndication.com https://*.googlesyndication.com *.doubleclick.net https://*.doubleclick.net *.googlezip.net *.yadro.ru https://*.yadro.ru *.youtube.com https://*.youtube.com http://*.mail.ru http://img.imgsmail.ru http://*.cloudflare.com http://r.mradx.net http://*.adriver.ru http://*.adfox.ru *.facebook.net vk.com *.vk.com https://vk.com http://*.buzzoola.com https://*.buzzoola.com http://*.weborama.fr http://*.facetz.net http://*.exe.bid http://*.tns-counter.ru mc.yandex.by google-analytics.com *.facebook.com *.google.fr mc.yandex.kz *.googletagservices.com https://adservice.google.kg/ https://adservice.google.com.lb; report-uri https://dolgojit.net/csp-manager/tracker.php 1
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline' *.yandex.ru; style-src https: 'unsafe-inline' fonts.googleapis.com; img-src https: data:; font-src https: data: fonts.googleapis.com; frame-src https: www.youtube.com; report-uri /csp-report 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-kA2kfSMaMgsVe5yWtcKjVqsG6KA'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-kALWnduPha1BSM57HicdVdNzc'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src pagead2.googlesyndication.com stats.g.doubleclick.net kraken.rambler.ru counter.yadro.ru mc.yandex.ru stats.g.doubleclick.net ssl.google-analytics.com favicon.yandex.net yastatic.net  avatars-fast.yandex.net avatars.mds.yandex.net an.yandex.ru vk.com hron-prostatit.ru data: blob:; font-src fonts.gstatic.com https: data:; report-uri /csp-report 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-JKEsbGrjgS6tbmz9cNpWBqHA'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-qUCULq2n1CTauCVx7iTfoAsHeQ'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-4SwegVJUtGQMaz6YPoy0F4Zrzw'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-rk1nkyU2LKuUee4HCUkTXLWT4I'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-3mzMIDdjacsuoTbzhQQtGXg3FA'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-7EKbLpeFTXhKe3HWUZrNpkT0'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-yYJa2R03FMfqkgz2i0uo5E6LPU'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-5Y2y4wH4g9AkMSFVUt9pJJXE'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-AslRfc64HbZxmP2BngJfdqpg4M'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Cj8dMT72YFpBEpyMs7ryWjs6o'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.googleapis.com www.google-analytics.com www.googleadservices.com cdn.klarna.com connect.facebook.net https://www.edialog24.no login.edialog24.com https://preprod.edialog24.com fileslogin.edialog24.com d81mfvml8p5ml.cloudfront.net dn1i8v75r669j.cloudfront.net dkpklk99llpj0.cloudfront.net;connect-src 'self' login.edialog24.com am.freshrelevance.com wss://am.freshrelevance.com;report-uri /WebResource.axd?cspReport=true 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-nHgwP5kAhDPvDOOZSDY2KAfxy88'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-EwpccqcfFoYCsHFIeux0JidxOus'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
default-src 'self' http://creatingawebstore.com; font-src 'self' http://creatingawebstore.com; frame-ancestors 'self' http://creatingawebstore.com; img-src 'self' http://ssl.gstatic.com http://creatingawebstore.com; object-src 'self' http://creatingawebstore.com; script-src 'self' 'unsafe-inline' https://adservice.google.com https://apis.google.com http://pagead2.googlesyndication.com https://pagead2.googlesyndication.com https://www.google-analytics.com https://www.googletagmanager.com http://www.youtube.com http://creatingawebstore.com; style-src 'self' 'unsafe-inline' http://ajax.googleapis.com https://fonts.googleapis.com http://creatingawebstore.com 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-fy4AXRXc6Srich5F3ZUYEZjdhY'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-mM7MpDNU1b0aDcDLdTkZp75ukkM'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-pvfKA2lT1QvQnBnWAbgZ8rnpY'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-3OyJOSlXHoUvCflW5HDECCvjQzo'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-4NjvW3V2pmYuqVFvKYoYkdVTKFs'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-pyIvE47abdl3NnYlOokOyLNRSg'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-e00NR2PPk3ZkVuCKE982awvVWow'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Vll6Wu44o7O3PeVQKaBAkIoU'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-tB8vMRJJh6xEkSBWMorPbgEv4c'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-IS8GlwFSaoYhcnudmlSznC9ZpA'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-umTHFJBjwVhbNNCHjhjnRy6oD4'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-qUFMhNu2UwEq4PLocWu8ANfZk'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-GsDe0xpZ6U4FJ9RJRBwAQI2vnU'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-O8qye3dRNsDdrR9YndzPBdfRwU'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-rW90awBgzCvuPaSdFHyeFs4'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-W2oH6zDQBEAIyL8IfG3sCcoI'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-iAJJ2cNU9qCpy5z7XufyaMg0rc'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-7fb0N0OPllnpFpMQPlsTvzD0kDI'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-kOSjQcG90J0oTjGxCLpofYDlfdE'; object-src 'none'; worker-src blob:; base-uri 'self'; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-u52Urp6IO2dKn9ksYJvofp76F8'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-FnPRXHDEsdVT7iNbwydtatdPciA'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-3pnryCmRNHpuUZM9AV6qqiCdJk'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-Y7MZ6uKleXdb51j1WJVSZN1lIR8'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.cedexis.com https://*.cedexis-test.com https://*.gemini.yahoo.com 'unsafe-eval' 'nonce-xlXrzeVOVH6FB3kjWcCu14PB3E'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; 1
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com https://*.google-analytics.com https://fc.yahoo.com https://s.yimg.com https://www.googletagservices.com/tag/js/gpt.js https